[CLOSE] OSVDB ID : 73558 - Disclosed: 2011-05-16

Description:

(Description Provided by CVE) : Google Chrome OS before R12 0.12.433.38 Beta allows local users to gain privileges by creating a /var/lib/chromeos-aliases.conf file and placing commands in it.

[CLOSE] OSVDB ID : 73556 - Disclosed: 2011-05-16

Description:

(Description Provided by CVE) : Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors.

[CLOSE] OSVDB ID : 73560 - Disclosed: 2011-01-27

Description:

(Description Provided by CVE) : Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts.

[CLOSE] OSVDB ID : 73557 - Disclosed: 2011-05-16

Description:

(Description Provided by CVE) : Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors.

[CLOSE] OSVDB ID : 78714 - Disclosed: 2011-07-01

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 73561 - Disclosed: 2011-03-03

Description:

(Description Provided by CVE) : Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta has unknown impact and attack vectors.

[CLOSE] OSVDB ID : 78940 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75550 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75551 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 78950 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75543 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75544 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 78942 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 78943 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 78952 - Disclosed: 2012-02-08

Description:

(Description Provided by CVE) : The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75565 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75566 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 75552 - Disclosed: 2011-09-16

Description:

(Description Provided by CVE) : Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 56431 - Disclosed: 2009-04-08

Description:

(Description Provided by CVE) : Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument-injection vulnerability.

[CLOSE] OSVDB ID : 68837 - Disclosed: 2010-10-19

Description:

Google Chrome contains a flaw related to the improper handling of page unloading. This may allow a remote attacker to conduct URL spoofing attacks.

[CLOSE] OSVDB ID : 54288 - Disclosed: 2009-05-05

Description:

(Description Provided by CVE) : Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap that arrives over the IPC channel.

[CLOSE] OSVDB ID : 67606 - Disclosed: 2010-01-31

Description:

Google Chrome is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening an unspecified file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.

[CLOSE] OSVDB ID : 77718 - Disclosed: 2011-12-13

Description:

(Description Provided by CVE) : Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 70459 - Disclosed: 2011-01-12

Description:

A memory corruption flaw exists in Google Chrome. The program fails to sanitize user-supplied input when processing PDF documents, resulting in memory corruption. With a specially crafted PDF document that triggers an out-of-memory error, a context-dependent attacker can execute arbitrary code.

[CLOSE] OSVDB ID : 70458 - Disclosed: 2011-01-12

Description:

Google Chrome contains a flaw that may allow a denial of service. The issue is triggered when a use-after-free vulnerability occurs, allowing a context-dependent attacker to cause a denial of service or possibly have other impact via a PDF document.

[CLOSE] OSVDB ID : 70988 - Disclosed: 2011-02-03

Description:

Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when the PDF event handler fails to properly interact with print operations, and will allow a context-dependent attacker to cause a denial of service, or possibly other unspecified impact, via memory corruption.

[CLOSE] OSVDB ID : 77717 - Disclosed: 2011-12-13

Description:

(Description Provided by CVE) : Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts.

[CLOSE] OSVDB ID : 72220 - Disclosed: 2011-04-27

Description:

Google Chrome contains a flaw related to the failure to properly handle PDF forms that may result in a stale pointer condition, allowing a remote attacker to cause a denial of service or have other unspecified impact. No further details have been provided.

[CLOSE] OSVDB ID : 77713 - Disclosed: 2011-12-13

Description:

(Description Provided by CVE) : Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

[CLOSE] OSVDB ID : 74256 - Disclosed: 2011-08-02

Description:

(Description Provided by CVE) : Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.