Google Chrome vulnerabilities

CVE-2011-1305 [MEDIUM] CWE-362 CVE-2011-1305: Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.

CVE-2011-1449 [MEDIUM] CWE-416 CVE-2011-1449: Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 al Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1435 [MEDIUM] CWE-276 CVE-2011-1435: Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, whi Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.

CVE-2011-1436 [MEDIUM] CWE-20 CVE-2011-1436: Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

CVE-2011-1437 [MEDIUM] CWE-190 CVE-2011-1437: Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a den Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.

CVE-2011-1450 [MEDIUM] CWE-20 CVE-2011-1450: Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attacke Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."

CVE-2011-1434 [MEDIUM] CWE-20 CVE-2011-1434: Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which a Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1448 [MEDIUM] CWE-20 CVE-2011-1448: Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1452 [MEDIUM] CWE-20 CVE-2011-1452: Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vect Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.

CVE-2011-1301 [CRITICAL] CWE-416 CVE-2011-1301: Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote a Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.

CVE-2011-1300 [CRITICAL] CWE-189 CVE-2011-1300: The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the Web The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecifi

CVE-2011-1302 [CRITICAL] CWE-787 CVE-2011-1302: Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote att Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.

CVE-2011-1691 [MEDIUM] CWE-476 CVE-2011-1691: The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a ge

CVE-2011-0611 [HIGH] CWE-843 CVE-2011-0611: Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and e Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.

CVE-2011-1294 [HIGH] CWE-20 CVE-2011-1294: Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequen Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1293 [HIGH] CWE-416 CVE-2011-1293: Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.2 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1296 [HIGH] CWE-20 CVE-2011-1296: Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers t Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-1291 [HIGH] CWE-120 CVE-2011-1291: Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attacke Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."

CVE-2011-1292 [HIGH] CWE-416 CVE-2011-1292: Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2011-1295 [HIGH] CWE-20 CVE-2011-1295: WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properl WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.