CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » 2.0.172.30 : Security Vulnerabilities Published In 2010 (Memory Corruption)

Cpe Name:cpe:/a:google:chrome:2.0.172.30
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-4491 264 DoS Mem. Corr. 2010-12-07 2011-07-18
4.3
 None Remote Medium Not required None None Partial
Google Chrome before 8.0.552.215 does not properly restrict privileged extensions, which allows remote attackers to cause a denial of service (memory corruption) via a crafted extension.
2 CVE-2010-4203 119 DoS Exec Code Overflow Mem. Corr. 2010-11-05 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.
3 CVE-2010-4198 20 DoS Mem. Corr. 2010-11-05 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
4 CVE-2010-4040 119 DoS Overflow Mem. Corr. 2010-10-21 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
5 CVE-2010-3416 119 DoS Overflow Mem. Corr. 2010-09-16 2012-01-26
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
6 CVE-2010-3415 119 DoS Overflow Mem. Corr. 2010-09-16 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
7 CVE-2010-3414 119 DoS Overflow Mem. Corr. 2010-09-16 2012-01-26
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for CVE-2010-3112 on Mac OS X.
8 CVE-2010-3255 20 DoS Mem. Corr. 2010-09-07 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
9 CVE-2010-3253 399 DoS Mem. Corr. 2010-09-07 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
10 CVE-2010-3120 119 DoS Overflow Mem. Corr. 2010-08-24 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
11 CVE-2010-3119 119 DoS Overflow Mem. Corr. 2010-08-24 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby language, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
12 CVE-2010-3113 119 DoS Overflow Mem. Corr. 2010-08-24 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController.
13 CVE-2010-3112 119 DoS Overflow Mem. Corr. 2010-08-24 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
14 CVE-2010-2902 119 DoS Overflow Mem. Corr. 2010-07-28 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
15 CVE-2010-2901 119 DoS Overflow Mem. Corr. 2010-07-28 2011-07-18
10.0
 None Remote Low Not required Complete Complete Complete
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
16 CVE-2010-2651 119 DoS Overflow Mem. Corr. 2010-07-06 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
17 CVE-2010-2648 310 DoS Mem. Corr. 2010-07-06 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
18 CVE-2010-2647 119 DoS Overflow Mem. Corr. 2010-07-06 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
19 CVE-2010-2302 399 DoS Exec Code Mem. Corr. 2010-06-15 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771.
20 CVE-2010-2300 399 DoS Exec Code Mem. Corr. 2010-06-15 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759.
21 CVE-2010-1773 189 DoS Exec Code Mem. Corr. +Info 2010-09-24 2011-07-18
9.3
 None Remote Medium Not required Complete Complete Complete
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
22 CVE-2010-1770 94 DoS Exec Code Mem. Corr. 2010-06-11 2011-03-17
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."
23 CVE-2010-1665 119 DoS Overflow Mem. Corr. 2010-05-03 2011-07-18
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
24 CVE-2010-1664 119 DoS Overflow Mem. Corr. 2010-05-03 2011-07-18
5.0
 None Remote Low Not required None None Partial
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
25 CVE-2010-1506 DoS Mem. Corr. 2010-04-23 2011-07-18
7.8
 None Remote Low Not required None None Complete
The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.
26 CVE-2010-0658 189 DoS Exec Code Overflow Mem. Corr. 2010-02-18 2012-01-26
9.3
 None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements.
27 CVE-2010-0649 189 DoS Overflow Mem. Corr. 2010-02-18 2012-01-26
9.3
 None Remote Medium Not required Complete Complete Complete
Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.
Total number of vulnerabilities : 27   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.