[CLOSE] OSVDB ID : 72791 - Disclosed: 2011-06-07

Description:

(Description Provided by CVE) : The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

[CLOSE] OSVDB ID : 72479 - Disclosed: 2011-03-08

Description:

Google Chrome contains a use-after-free flaw related to DOM URL handling that may allow an attacker to potentially execute arbitrary code. No further details have been provided.

[CLOSE] OSVDB ID : 62315 - Disclosed: 2010-02-10

Description:

(Description Provided by CVE) : Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.

[CLOSE] OSVDB ID : 74695 - Disclosed: 2011-08-22

Description:

(Description Provided by CVE) : Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

[CLOSE] OSVDB ID : 75560 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

[CLOSE] OSVDB ID : 76547 - Disclosed: 2011-10-25

Description:

(Description Provided by CVE) : Google Chrome before 15.0.874.102 does not properly handle downloading files that have whitespace characters at the end of a filename, which has unspecified impact and user-assisted remote attack vectors.

[CLOSE] OSVDB ID : 78944 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors.

[CLOSE] OSVDB ID : 70989 - Disclosed: 2011-02-03

Description:

Google Chrome contains a flaw related to the failure to properly restrict cross-origin drag and drop operations that may allow a remote attacker to bypass the Same Origin Policy. No further details have been provided.

[CLOSE] OSVDB ID : 65029 - Disclosed: 2010-05-25

Description:

(Description Provided by CVE) : Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.

[CLOSE] OSVDB ID : 76546 - Disclosed: 2011-10-25

Description:

(Description Provided by CVE) : Google Chrome before 15.0.874.102 does not properly handle drag and drop operations on URL strings, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors.

[CLOSE] OSVDB ID : 74232 - Disclosed: 2011-08-02

Description:

(Description Provided by CVE) : The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.

[CLOSE] OSVDB ID : 72212 - Disclosed: 2011-04-27

Description:

Google Chrome contains a flaw related to the failure to properly handle drop-down lists, which results in a stale pointer condition that may allow a remote attacker to cause a denial of service or have other unspecified impact. No further details have been provided.

[CLOSE] OSVDB ID : 77037 - Disclosed: 2011-11-10

Description:

(Description Provided by CVE) : Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

[CLOSE] OSVDB ID : 74696 - Disclosed: 2011-08-22

Description:

(Description Provided by CVE) : Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins.

[CLOSE] OSVDB ID : 63517 - Disclosed: 2010-03-17

Description:

(Description Provided by CVE) : Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.

[CLOSE] OSVDB ID : 69171 - Disclosed: 2010-11-04

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly handle the data types of event objects, allowing a context-dependent attacker to cause a denial of service or possibly have other unspecified impact.

[CLOSE] OSVDB ID : 78934 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage.

[CLOSE] OSVDB ID : 72789 - Disclosed: 2011-06-07

Description:

(Description Provided by CVE) : Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions.

[CLOSE] OSVDB ID : 65030 - Disclosed: 2010-05-25

Description:

(Description Provided by CVE) : Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.

[CLOSE] OSVDB ID : 72783 - Disclosed: 2011-06-07

Description:

(Description Provided by CVE) : Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

[CLOSE] OSVDB ID : 68109 - Disclosed: 2010-09-14

Description:

(Description Provided by CVE) : Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

[CLOSE] OSVDB ID : 74228 - Disclosed: 2011-08-02

Description:

(Description Provided by CVE) : Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.

[CLOSE] OSVDB ID : 70985 - Disclosed: 2011-02-03

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly handle a missing key in an extension, allowing a context-dependent attacker to use a crafted extension to cause a denial of service.

[CLOSE] OSVDB ID : 70453 - Disclosed: 2011-01-12

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly handle extensions notification, allowing a remote attacker to cause an application crash denial of service.

[CLOSE] OSVDB ID : 72785 - Disclosed: 2011-06-07

Description:

(Description Provided by CVE) : Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions.

[CLOSE] OSVDB ID : 72200 - Disclosed: 2011-04-27

Description:

Google Chrome contains a flaw related to the handling of extensions with 'tabs' permissions that may allow an attacker to gain access to local files. No further details have been provided.

[CLOSE] OSVDB ID : 74235 - Disclosed: 2011-08-02

Description:

(Description Provided by CVE) : The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.

[CLOSE] OSVDB ID : 72782 - Disclosed: 2011-06-07

Description:

(Description Provided by CVE) : Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions.

[CLOSE] OSVDB ID : 69664 - Disclosed: 2010-12-02

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to properly restrict file dialog generation, and will allow an attacker to cause a loss of availability via a maliciously crafted website.

[CLOSE] OSVDB ID : 67458 - Disclosed: 2010-08-19

Description:

(Description Provided by CVE) : Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.