Google Chrome vulnerabilities

CVE-2011-3108 [CRITICAL] CWE-399 CVE-2011-3108: Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache.

CVE-2011-3110 [HIGH] CWE-119 CVE-2011-3110: The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

CVE-2011-3107 [HIGH] CVE-2011-3107: Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, whic Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

CVE-2011-3113 [HIGH] CVE-2011-3113: The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an un The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

CVE-2011-3115 [HIGH] CWE-119 CVE-2011-3115: Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial o Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."

CVE-2011-3109 [HIGH] CVE-2011-3109: Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variab Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI.

CVE-2011-3105 [HIGH] CWE-399 CVE-2011-3105: Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

CVE-2011-3103 [HIGH] CWE-399 CVE-2011-3103: Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collectio Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.

CVE-2011-3114 [HIGH] CWE-119 CVE-2011-3114: Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls.

CVE-2011-3112 [MEDIUM] CWE-399 CVE-2011-3112: Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows re Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document.

CVE-2011-3111 [MEDIUM] CWE-119 CVE-2011-3111: Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial o Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.

CVE-2011-3104 [MEDIUM] CWE-119 CVE-2011-3104: Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of ser Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3095 [CRITICAL] CWE-20 CVE-2011-3095: The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.

CVE-2011-3097 [CRITICAL] CWE-20 CVE-2011-3097: The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions.

CVE-2011-3091 [CRITICAL] CWE-399 CVE-2011-3091: Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 al Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3089 [CRITICAL] CWE-399 CVE-2011-3089: Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables.

CVE-2011-3087 [CRITICAL] CVE-2011-3087: Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors.

CVE-2011-3101 [CRITICAL] CVE-2011-3101: Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVID Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.

CVE-2011-3092 [CRITICAL] CWE-20 CVE-2011-3092: The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote a The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors.

CVE-2011-3086 [CRITICAL] CWE-399 CVE-2011-3086: Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element.