CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » 4.0.249.51 : Security Vulnerabilities (CVSS score >= 7)

Cpe Name:cpe:/a:google:chrome:4.0.249.51
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2011-1807 119 Exec Code Overflow 2011-05-26 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write.
152 CVE-2011-1806 119 DoS Exec Code Overflow Mem. Corr. 2011-05-26 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
153 CVE-2011-1804 20 DoS 2011-05-26 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
154 CVE-2011-1456 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
155 CVE-2011-1454 399 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
156 CVE-2011-1451 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
157 CVE-2011-1449 399 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
158 CVE-2011-1448 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
159 CVE-2011-1447 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
160 CVE-2011-1443 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
161 CVE-2011-1442 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors.
162 CVE-2011-1440 399 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.
163 CVE-2011-1439 20 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors.
164 CVE-2011-1438 264 Bypass 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.
165 CVE-2011-1437 189 DoS Overflow 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.
166 CVE-2011-1303 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
167 CVE-2011-1302 119 Exec Code Overflow 2011-04-15 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
168 CVE-2011-1301 399 Exec Code 2011-04-15 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
169 CVE-2011-1300 189 Exec Code 2011-04-15 2019-07-18
10.0
None Remote Low Not required Complete Complete Complete
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
170 CVE-2011-1296 20 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
171 CVE-2011-1295 20 DoS XSS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.
172 CVE-2011-1294 20 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
173 CVE-2011-1293 399 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
174 CVE-2011-1292 399 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
175 CVE-2011-1291 119 DoS Overflow 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."
176 CVE-2011-1286 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
177 CVE-2011-1285 119 DoS Overflow Mem. Corr. 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
178 CVE-2011-1203 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
179 CVE-2011-1201 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
180 CVE-2011-1199 20 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
181 CVE-2011-1198 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."
182 CVE-2011-1197 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
183 CVE-2011-1196 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
184 CVE-2011-1195 399 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling."
185 CVE-2011-1193 264 Bypass 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
186 CVE-2011-1191 399 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs.
187 CVE-2011-1189 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
188 CVE-2011-1188 119 DoS Overflow Mem. Corr. 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
189 CVE-2011-1185 264 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors.
190 CVE-2011-1125 20 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
191 CVE-2011-1124 399 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
192 CVE-2011-1123 20 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors.
193 CVE-2011-1121 189 DoS Overflow 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.
194 CVE-2011-1119 119 DoS Overflow 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
195 CVE-2011-1117 119 DoS Overflow 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."
196 CVE-2011-1116 20 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
197 CVE-2011-1115 119 DoS Overflow 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
198 CVE-2011-1114 119 DoS Overflow 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
199 CVE-2011-1112 20 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
200 CVE-2011-1111 20 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
Total number of vulnerabilities : 298   Page : 1 2 3 4 (This Page)5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.