Google Chrome vulnerabilities

CVE-2011-1801 [MEDIUM] CVE-2011-1801: Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors.

CVE-2011-1800 [HIGH] CWE-190 CVE-2011-1800: Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome b Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1799 [MEDIUM] CWE-704 CVE-2011-1799: Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction wit Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-2075 [CRITICAL] CVE-2011-2075: Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to e Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE id

CVE-2011-1303 [HIGH] CWE-20 CVE-2011-1303: Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote atta Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1451 [HIGH] CWE-20 CVE-2011-1451: Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."

CVE-2011-1438 [HIGH] CWE-20 CVE-2011-1438: Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vector Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.

CVE-2011-1455 [MEDIUM] CWE-125 CVE-2011-1455: Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, whi Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

CVE-2011-1444 [MEDIUM] CWE-362 CVE-2011-1444: Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux a Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1446 [MEDIUM] CVE-2011-1446: Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load.

CVE-2011-1440 [MEDIUM] CWE-416 CVE-2011-1440: Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

CVE-2011-1447 [MEDIUM] CWE-20 CVE-2011-1447: Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attac Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1456 [MEDIUM] CWE-20 CVE-2011-1456: Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers t Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."

CVE-2011-1445 [MEDIUM] CWE-125 CVE-2011-1445: Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attacke Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-1443 [MEDIUM] CWE-20 CVE-2011-1443: Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."

CVE-2011-1439 [MEDIUM] CVE-2011-1439: Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has un Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors.

CVE-2011-1442 [MEDIUM] CWE-20 CVE-2011-1442: Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attac Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors.

CVE-2011-1454 [MEDIUM] CWE-416 CVE-2011-1454: Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.5 Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.

CVE-2011-1441 [MEDIUM] CWE-704 CVE-2011-1441: Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.

CVE-2011-1304 [MEDIUM] CVE-2011-1304: Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.