[CLOSE] OSVDB ID : 72482 - Disclosed: 2011-03-08

Description:

Google Chrome contains multiple flaws that may allow an attacker to bypass the pop-up blocker. No further details have been provided.

[CLOSE] OSVDB ID : 76552 - Disclosed: 2011-10-25

Description:

(Description Provided by CVE) : Google Chrome before 15.0.874.102 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

[CLOSE] OSVDB ID : 76556 - Disclosed: 2011-10-25

Description:

(Description Provided by CVE) : Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.

[CLOSE] OSVDB ID : 72207 - Disclosed: 2011-04-19

Description:

Google Chrome contains a flaw related to mutation events in corrupt node trees that may allow a remote attacker to cause a denial of service or have other unspecified impact. No further details have been provided.

[CLOSE] OSVDB ID : 72211 - Disclosed: 2011-04-27

Description:

Google Chrome contains a flaw related to navigation errors and interrupted loads that may allow a remote attacker to spoof the URL bar. No further details have been provided.

[CLOSE] OSVDB ID : 68103 - Disclosed: 2010-09-14

Description:

(Description Provided by CVE) : Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements.

[CLOSE] OSVDB ID : 73562 - Disclosed: 2011-03-17

Description:

(Description Provided by CVE) : The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.

[CLOSE] OSVDB ID : 70454 - Disclosed: 2011-01-12

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the node-iteration implementation fails to properly handle pointers, allowing a remote attacker to cause a denial of service.

[CLOSE] OSVDB ID : 75561 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.

[CLOSE] OSVDB ID : 67464 - Disclosed: 2010-08-19

Description:

(Description Provided by CVE) : Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors.

[CLOSE] OSVDB ID : 67861 - Disclosed: 2010-09-02

Description:

(Description Provided by CVE) : The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

[CLOSE] OSVDB ID : 67860 - Disclosed: 2010-09-02

Description:

(Description Provided by CVE) : Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

[CLOSE] OSVDB ID : 73504 - Disclosed: 2011-06-28

Description:

(Description Provided by CVE) : The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 72484 - Disclosed: 2011-03-08

Description:

Google Chrome contains a flaw related to the OGG container implementation that may allow an attacker to cause an out-of-bounds write and potentially execute arbitrary code. No further details have been provided.

[CLOSE] OSVDB ID : 67465 - Disclosed: 2010-08-19

Description:

(Description Provided by CVE) : The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature.

[CLOSE] OSVDB ID : 67265 - Disclosed: 2010-06-24

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 72280 - Disclosed: 2011-02-28

Description:

Chrome contains a flaw that may allow a [REMOTE | LOCAL] denial of service. The issue is triggered by an unspecified pickle deserialization issue, and will result in loss of availability for the application.

[CLOSE] OSVDB ID : 64481 - Disclosed: 2010-04-26

Description:

(Description Provided by CVE) : Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

[CLOSE] OSVDB ID : 65406 - Disclosed: 2010-06-09

Description:

(Description Provided by CVE) : browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.

[CLOSE] OSVDB ID : 69168 - Disclosed: 2010-11-04

Description:

Google Chrome on Linux is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a multiple integer overflows. With a specially crafted font, a context-dependent attacker can cause a denial of service or possibly have other unspecified impact.

[CLOSE] OSVDB ID : 68104 - Disclosed: 2010-09-14

Description:

(Description Provided by CVE) : Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors.

[CLOSE] OSVDB ID : 68108 - Disclosed: 2010-09-14

Description:

(Description Provided by CVE) : Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

[CLOSE] OSVDB ID : 68840 - Disclosed: 2010-10-19

Description:

Google Chrome on Linux contains a flaw related to a failure to properly set the PATH environment variable that may allow an attacker to have an unspecified impact. No further details have been provided.

[CLOSE] OSVDB ID : 68842 - Disclosed: 2010-10-19

Description:

Google Chrome on Linux contains a flaw related to the sandbox implementation's failure to properly constrain worker processes. This may allow a remote attacker to bypass access restrictions.

[CLOSE] OSVDB ID : 70984 - Disclosed: 2011-02-03

Description:

Google Chrome on Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when the program fails to mitigate an unspecified flaw in the SSL libraries, and will result in loss of availability for the program.

[CLOSE] OSVDB ID : 70982 - Disclosed: 2011-02-03

Description:

Google Chrome on Mac OS X contains a flaw that may lead to an unauthorized information disclosure. A remote attacker may obtain potentially sensitive local file information via the 'stat()' system call.

[CLOSE] OSVDB ID : 51135 - Disclosed: 2008-12-23

Description:

(Description Provided by CVE) : ** DISPUTED ** Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission."

[CLOSE] OSVDB ID : 62309 - Disclosed: 2010-01-25

Description:

(Description Provided by CVE) : Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut.

[CLOSE] OSVDB ID : 73647 - Disclosed: 2011-05-09

Description:

(Description Provided by CVE) : Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

[CLOSE] OSVDB ID : 52642 - Disclosed: 2009-01-29

Description:

(Description Provided by CVE) : ** DISPUTED ** Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue."