google chrome 2.0.172.31 vulnerabilities and exploits

(subscribe to this query)

Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome prior to 4.0.249.89, allow remote malicious users to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Use-after-free vulnerability in Google Chrome prior to 4.0.249.78 allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a dif...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

1 EDB exploit

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome prior to 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows malicious users to leverage renderer access to cause a denia...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome prior to 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote malicious users to obtain potentially sensitive information from proc...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome prior to 4.0.249.78 allows remote malicious users to cause a denial of service (memory consumption and application crash) via a U...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Google Chrome prior to 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging.

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome prior to 4.0.249.89 allows malicious users to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

WebKit before r53607, as used in Google Chrome prior to 4.0.249.89, allows remote malicious users to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and the...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

1 EDB exploit

browser/login/login_prompt.cc in Google Chrome prior to 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requ...

Google Chrome Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1 Google Chrome 0.3.154.0 Google Chrome 0.3.154.3 Google Chrome 0.4.154.18 Google Chrome 0.4.154.22 Google Chrome 0.4.154.31 Google Chrome 0.4.154.33

Google Chrome prior to 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle malicious users to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Stric...

Google Chrome Google Chrome 0.1.38.1 Google Chrome 0.1.38.2 Google Chrome 0.1.38.4 Google Chrome 0.1.40.1 Google Chrome 0.1.42.2 Google Chrome 0.1.42.3 Google Chrome 0.2.149.27 Google Chrome 0.2.149.29 Google Chrome 0.2.149.30 Google Chrome 0.2.152.1 Google Chrome 0.2.153.1

« PREV 1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook