Vulnerabilities > Google > Chrome > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-04-01 | CVE-2010-1237 | Improper Input Validation vulnerability in Google Chrome Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element. | 7.5 |
2010-04-01 | CVE-2010-1234 | Remote Security vulnerability in Chrome Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors. | 7.5 |
2010-04-01 | CVE-2010-1231 | Remote Security vulnerability in Chrome Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers. | 7.5 |
2009-09-29 | CVE-2009-3456 | Cryptographic Issues vulnerability in Google Chrome Google Chrome, possibly 3.0.195.21 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 7.5 |
2009-04-24 | CVE-2009-1412 | Information Exposure vulnerability in Google Chrome Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. | 7.8 |