Google Chrome vulnerabilities

CVE-2011-2351 [MEDIUM] CWE-416 CVE-2011-2351: Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

CVE-2011-2348 [MEDIUM] CWE-119 CVE-2011-2348: Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which a Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-2349 [MEDIUM] CWE-416 CVE-2011-2349: Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection.

CVE-2011-1812 [HIGH] CVE-2011-1812: Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions.

CVE-2011-2332 [HIGH] CWE-20 CVE-2011-2332: Google V8, as used in Google Chrome before 12.0.742.91, allows remote attackers to bypass the Same O Google V8, as used in Google Chrome before 12.0.742.91, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVE-2011-1817 [MEDIUM] CWE-119 CVE-2011-1817: Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote a Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

CVE-2011-1808 [MEDIUM] CWE-416 CVE-2011-1808: Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to incorrect integer calculations during float handling.

CVE-2011-1815 [MEDIUM] CWE-79 CVE-2011-1815: Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vector Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions.

CVE-2011-1811 [MEDIUM] CWE-20 CVE-2011-1811: Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

CVE-2011-1816 [MEDIUM] CWE-416 CVE-2011-1816: Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remot Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1810 [MEDIUM] CWE-200 CVE-2011-1810: The Cascading Style Sheets (CSS) implementation in Google Chrome before 12.0.742.91 does not properl The Cascading Style Sheets (CSS) implementation in Google Chrome before 12.0.742.91 does not properly restrict access to the visit history, which allows remote attackers to obtain sensitive information via unspecified vectors.

CVE-2011-1809 [MEDIUM] CWE-416 CVE-2011-1809: Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1818 [MEDIUM] CWE-416 CVE-2011-1818: Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote a Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1814 [MEDIUM] CWE-824 CVE-2011-1814: Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows r Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-2342 [MEDIUM] CWE-79 CVE-2011-2342: The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Sam The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVE-2011-1813 [MEDIUM] CWE-20 CVE-2011-1813: Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which all Google Chrome before 12.0.742.91 does not properly implement the framework for extensions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1819 [MEDIUM] CWE-79 CVE-2011-1819: Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chr Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions.

CVE-2011-1806 [CRITICAL] CWE-119 CVE-2011-1806: Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows re Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2011-1807 [CRITICAL] CWE-787 CVE-2011-1807: Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to ex Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write.

CVE-2011-1804 [HIGH] CWE-20 CVE-2011-1804: rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696 rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."