google chrome 2.0.172.31 vulnerabilities and exploits

(subscribe to this query)

Google Chrome prior to 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote malicious users to execute arbitrary programs or obtain sensitive information by t...

Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33 Google Chrome 1.0.154.36

Multiple integer overflows in Google Chrome prior to 4.1.249.1036 allow remote malicious users to have an unspecified impact via vectors involving WebKit JavaScript objects.

Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33 Google Chrome 1.0.154.36

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome prior to 4.0.249.89, allow remote malicious users to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

WebKit before r53525, as used in Google Chrome prior to 4.0.249.89, allows remote malicious users to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.

Apple Webkit Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31

WebKit before r51295, as used in Google Chrome prior to 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows malicious users to obtain sensitive information or possibly have unspecified oth...

Apple Webkit Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31

The image decoder in WebKit before r52833, as used in Google Chrome prior to 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote malicious users to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large si...

Apple Webkit Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome prior to 4.0.249.78, allows remote malicious users to bypass the Same Origin Policy via vectors involving the window.open method.

Apple Webkit 52400 Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31

Multiple integer overflows in Skia, as used in Google Chrome prior to 4.0.249.78, allow remote malicious users to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements.

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Google Chrome prior to 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as dem...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Google Chrome prior to 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that wa...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

« PREV 1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook