Vulnerabilities > Google > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-12 | CVE-2009-3931 | Improper Input Validation vulnerability in Google Chrome Incomplete blacklist vulnerability in browser/download/download_exe.cc in Google Chrome before 3.0.195.32 allows remote attackers to force the download of certain dangerous files via a "Content-Disposition: attachment" designation, as demonstrated by (1) .mht and (2) .mhtml files, which are automatically executed by Internet Explorer 6; (3) .svg files, which are automatically executed by Safari; (4) .xml files; (5) .htt files; (6) .xsl files; (7) .xslt files; and (8) image files that are forbidden by the victim's site policy. | 9.3 |
2009-08-27 | CVE-2009-2935 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript. | 10.0 |
2009-08-19 | CVE-2008-6998 | Buffer Errors vulnerability in Google Chrome 0.2.149.27 Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link. | 9.3 |
2009-08-19 | CVE-2008-6994 | Buffer Errors vulnerability in Google Chrome 0.2.149.27 Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. | 9.3 |
2009-07-21 | CVE-2009-2556 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation. | 9.3 |
2009-07-21 | CVE-2009-2555 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome and V8 Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression. | 9.3 |
2009-06-23 | CVE-2009-2121 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response. | 9.3 |
2009-06-10 | CVE-2009-1690 | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." | 9.3 |
2009-05-11 | CVE-2009-1598 | Unspecified vulnerability in Google Chrome Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. | 9.3 |
2009-05-07 | CVE-2009-1441 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap that arrives over the IPC channel. | 9.3 |