Google Chrome vulnerabilities

CVE-2011-3044 [MEDIUM] CWE-416 CVE-2011-3044: Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.

CVE-2011-3035 [MEDIUM] CWE-416 CVE-2011-3035: Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

CVE-2011-3042 [MEDIUM] CWE-416 CVE-2011-3042: Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.

CVE-2011-3031 [MEDIUM] CWE-416 CVE-2011-3031: Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17 Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3040 [MEDIUM] CWE-125 CVE-2011-3040: Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cau Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

CVE-2011-3034 [MEDIUM] CWE-416 CVE-2011-3034: Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.

CVE-2011-3037 [MEDIUM] CWE-704 CVE-2011-3037: Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

CVE-2011-3018 [HIGH] CWE-787 CVE-2011-3018: Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a de Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering.

CVE-2011-3021 [HIGH] CWE-416 CVE-2011-3021: Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.

CVE-2011-3022 [MEDIUM] CWE-319 CVE-2011-3022: translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.

CVE-2011-3023 [MEDIUM] CWE-416 CVE-2011-3023: Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attacke Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.

CVE-2011-3019 [MEDIUM] CWE-787 CVE-2011-3019: Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a de Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.

CVE-2011-3015 [MEDIUM] CWE-190 CVE-2011-3015: Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attack Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3025 [MEDIUM] CWE-125 CVE-2011-3025: Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers t Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3026 [MEDIUM] CWE-190 CVE-2011-3026: Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

CVE-2011-3027 [MEDIUM] CWE-704 CVE-2011-3027: Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

CVE-2011-3024 [MEDIUM] CWE-295 CVE-2011-3024: Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application c Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.

CVE-2011-3017 [MEDIUM] CWE-416 CVE-2011-3017: Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling.

CVE-2011-3020 [MEDIUM] CVE-2011-3020: Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0 Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors.

CVE-2011-3016 [MEDIUM] CWE-416 CVE-2011-3016: Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.