Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."
Max CVSS
10.0
EPSS Score
1.25%
Published
2012-12-12
Updated
2018-10-30
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.91%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
Max CVSS
10.0
EPSS Score
0.96%
Published
2012-12-04
Updated
2018-10-30
6 vulnerabilities found