CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » 1.0.154.42 : Security Vulnerabilities

Cpe Name:cpe:/a:google:chrome:1.0.154.42
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2011-3050 399 DoS 2012-03-22 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
502 CVE-2011-3049 264 DoS 2012-03-23 2018-01-09
5.0
None Remote Low Not required None None Partial
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
503 CVE-2011-3047 119 DoS Exec Code Overflow Mem. Corr. 2012-03-10 2018-01-12
10.0
None Remote Low Not required Complete Complete Complete
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism.
504 CVE-2011-3046 20 Exec Code XSS 2012-03-08 2018-01-12
10.0
None Remote Low Not required Complete Complete Complete
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
505 CVE-2011-3045 189 DoS Exec Code 2012-03-22 2018-01-09
6.8
None Remote Medium Not required Partial Partial Partial
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
506 CVE-2011-3044 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.
507 CVE-2011-3043 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.
508 CVE-2011-3042 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.
509 CVE-2011-3041 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.
510 CVE-2011-3040 399 DoS 2012-03-05 2018-01-12
4.3
None Remote Medium Not required None None Partial
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
511 CVE-2011-3039 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
512 CVE-2011-3038 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
513 CVE-2011-3037 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
514 CVE-2011-3036 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
515 CVE-2011-3035 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
516 CVE-2011-3034 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.
517 CVE-2011-3033 119 DoS Overflow 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
518 CVE-2011-3032 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
519 CVE-2011-3031 399 DoS 2012-03-05 2018-01-12
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
520 CVE-2011-3027 DoS 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
521 CVE-2011-3026 189 DoS Overflow 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
522 CVE-2011-3025 125 DoS 2012-02-16 2018-01-09
5.0
None Remote Low Not required None None Partial
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
523 CVE-2011-3024 20 DoS 2012-02-16 2018-01-09
5.0
None Remote Low Not required None None Partial
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.
524 CVE-2011-3023 399 DoS 2012-02-16 2018-01-09
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.
525 CVE-2011-3022 200 +Info 2012-02-16 2018-01-09
5.0
None Remote Low Not required Partial None None
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
526 CVE-2011-3021 399 DoS 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
527 CVE-2011-3020 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors.
528 CVE-2011-3019 119 DoS Overflow 2012-02-16 2018-01-09
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.
529 CVE-2011-3018 119 DoS Overflow 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering.
530 CVE-2011-3017 399 DoS 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling.
531 CVE-2011-3016 399 DoS 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.
532 CVE-2011-3015 189 DoS Overflow 2012-02-16 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
533 CVE-2011-2881 119 DoS Overflow Mem. Corr. 2011-10-04 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
534 CVE-2011-2880 399 DoS 2011-10-04 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.
535 CVE-2011-2879 20 DoS 2011-10-04 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
536 CVE-2011-2878 264 Bypass 2011-10-04 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
537 CVE-2011-2877 20 DoS 2011-10-04 2018-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."
538 CVE-2011-2876 399 DoS 2011-10-04 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box.
539 CVE-2011-2875 20 DoS 2011-09-19 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
540 CVE-2011-2874 310 2011-09-19 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors.
541 CVE-2011-2864 119 DoS Overflow 2011-09-19 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
542 CVE-2011-2862 264 2011-09-19 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors.
543 CVE-2011-2861 20 2011-09-19 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation.
544 CVE-2011-2860 399 DoS 2011-09-19 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
545 CVE-2011-2859 264 2011-09-19 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.
546 CVE-2011-2858 119 DoS Overflow 2011-09-19 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
547 CVE-2011-2857 399 DoS 2011-09-19 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
548 CVE-2011-2856 264 Bypass 2011-09-19 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
549 CVE-2011-2855 20 DoS 2011-09-19 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
550 CVE-2011-2854 399 DoS 2011-09-19 2018-01-05
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."
Total number of vulnerabilities : 870   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.