CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » 6.0.397.0 : Security Vulnerabilities

Cpe Name:cpe:/a:google:chrome:6.0.397.0
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2011-1445 20 DoS 2011-05-03 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
652 CVE-2011-1444 362 DoS 2011-05-03 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
653 CVE-2011-1443 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
654 CVE-2011-1442 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors.
655 CVE-2011-1441 20 DoS 2011-05-03 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
656 CVE-2011-1440 399 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.
657 CVE-2011-1439 20 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors.
658 CVE-2011-1438 264 Bypass 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.
659 CVE-2011-1437 189 DoS Overflow 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.
660 CVE-2011-1436 20 DoS 2011-05-03 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
661 CVE-2011-1435 20 2011-05-03 2017-09-18
5.0
None Remote Low Not required Partial None None
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
662 CVE-2011-1434 20 DoS 2011-05-03 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
663 CVE-2011-1413 DoS 2011-03-10 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.
664 CVE-2011-1305 362 DoS 2011-05-03 2017-09-18
4.3
None Remote Medium Not required None None Partial
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
665 CVE-2011-1304 Bypass 2011-05-03 2017-09-18
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
666 CVE-2011-1303 20 DoS 2011-05-03 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
667 CVE-2011-1302 119 Exec Code Overflow 2011-04-15 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
668 CVE-2011-1301 399 Exec Code 2011-04-15 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
669 CVE-2011-1300 189 Exec Code 2011-04-15 2019-07-18
10.0
None Remote Low Not required Complete Complete Complete
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
670 CVE-2011-1296 20 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
671 CVE-2011-1295 20 DoS XSS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.
672 CVE-2011-1294 20 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
673 CVE-2011-1293 399 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
674 CVE-2011-1292 399 DoS 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
675 CVE-2011-1291 119 DoS Overflow 2011-03-25 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."
676 CVE-2011-1286 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
677 CVE-2011-1285 119 DoS Overflow Mem. Corr. 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
678 CVE-2011-1204 20 DoS 2011-03-10 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.
679 CVE-2011-1203 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
680 CVE-2011-1202 +Info 2011-03-10 2017-09-18
5.0
None Remote Low Not required Partial None None
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
681 CVE-2011-1201 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
682 CVE-2011-1200 DoS 2011-03-10 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
683 CVE-2011-1199 20 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
684 CVE-2011-1198 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."
685 CVE-2011-1197 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
686 CVE-2011-1196 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
687 CVE-2011-1195 399 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling."
688 CVE-2011-1194 Bypass 2011-03-10 2017-09-18
5.0
None Remote Low Not required None Partial None
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors.
689 CVE-2011-1193 264 Bypass 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
690 CVE-2011-1192 20 DoS 2011-03-10 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
691 CVE-2011-1191 399 DoS 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs.
692 CVE-2011-1190 264 Bypass 2011-03-10 2017-09-18
5.0
None Remote Low Not required Partial None None
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
693 CVE-2011-1189 119 DoS Overflow 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
694 CVE-2011-1188 119 DoS Overflow Mem. Corr. 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
695 CVE-2011-1187 264 Bypass 2011-03-10 2017-09-18
5.0
None Remote Low Not required Partial None None
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
696 CVE-2011-1186 20 DoS Exec Code 2011-03-10 2017-09-18
5.0
None Remote Low Not required None None Partial
Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code.
697 CVE-2011-1185 264 2011-03-10 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors.
698 CVE-2011-1125 20 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
699 CVE-2011-1124 399 DoS 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
700 CVE-2011-1123 20 2011-03-01 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors.
Total number of vulnerabilities : 777   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.