Google Chrome vulnerabilities

CVE-2011-3903 [MEDIUM] CWE-697 CVE-2011-3903: Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attac Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3908 [MEDIUM] CWE-125 CVE-2011-3908: Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attacker Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-3906 [MEDIUM] CWE-125 CVE-2011-3906: The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of serv The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-4691 [MEDIUM] CWE-264 CVE-2011-4691: Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Orig Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

CVE-2011-4692 [MEDIUM] CWE-264 CVE-2011-4692: WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.

CVE-2010-5069 [MEDIUM] CVE-2010-5069: The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :vis The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264.

CVE-2010-5073 [MEDIUM] CVE-2010-5073: The JavaScript implementation in Google Chrome 4 does not properly restrict the set of values contai The JavaScript implementation in Google Chrome 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. NOTE: this may overlap CVE-2010-5070.

CVE-2011-3900 [HIGH] CWE-787 CVE-2011-3900: Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial o Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation.

CVE-2011-3896 [HIGH] CWE-120 CVE-2011-3896: Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of se Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.

CVE-2011-3892 [HIGH] CWE-415 CVE-2011-3892: Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote a Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

CVE-2011-3898 [HIGH] CWE-269 CVE-2011-3898: Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request u Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.

CVE-2011-3895 [HIGH] CWE-787 CVE-2011-3895: Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

CVE-2011-3894 [HIGH] CWE-119 CVE-2011-3894: Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attack Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream.

CVE-2011-3897 [MEDIUM] CWE-416 CVE-2011-3897: Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attack Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

CVE-2011-3893 [MEDIUM] CWE-125 CVE-2011-3893: Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, whi Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-2830 [HIGH] CVE-2011-2830: Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object w Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

CVE-2011-3640 [HIGH] CWE-426 CVE-2011-3640: Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Ch Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."

CVE-2011-3889 [HIGH] CWE-787 CVE-2011-3889: Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allo Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3891 [HIGH] CVE-2011-3891: Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-3882 [HIGH] CWE-416 CVE-2011-3882: Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers.