Google Chrome vulnerabilities

CVE-2011-1122 [MEDIUM] CWE-125 CVE-2011-1122: The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a deni The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.

CVE-2011-1108 [MEDIUM] CVE-2011-1108: Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

CVE-2011-1120 [MEDIUM] CWE-125 CVE-2011-1120: The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a deni The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.

CVE-2011-1118 [MEDIUM] CWE-20 CVE-2011-1118: Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote att Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

CVE-2011-1059 [MEDIUM] CWE-416 CVE-2011-1059: Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11. Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional i

CVE-2011-0982 [CRITICAL] CWE-416 CVE-2011-0982: Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a d Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces.

CVE-2011-0981 [HIGH] CWE-20 CVE-2011-0981: Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allow Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-0983 [HIGH] CWE-20 CVE-2011-0983: Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attac Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

CVE-2011-0985 [HIGH] CWE-400 CVE-2011-0985: Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.

CVE-2011-0984 [MEDIUM] CWE-125 CVE-2011-0984: Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2011-0777 [HIGH] CWE-416 CVE-2011-0777: Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a d Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.

CVE-2011-0781 [HIGH] CWE-20 CVE-2011-0781: Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspeci Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors.

CVE-2011-0778 [HIGH] CWE-264 CVE-2011-0778: Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might all Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVE-2011-0776 [MEDIUM] CWE-200 CVE-2011-0776: The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attacke The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call.

CVE-2011-0784 [MEDIUM] CWE-362 CVE-2011-0784: Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio.

CVE-2011-0783 [MEDIUM] CVE-2011-0783: Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers t Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting."

CVE-2011-0779 [MEDIUM] CWE-20 CVE-2011-0779: Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

CVE-2011-0780 [MEDIUM] CVE-2011-0780: The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print opera The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

CVE-2011-0782 [MEDIUM] CVE-2011-0782: Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Ma Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors.

CVE-2011-0477 [CRITICAL] CWE-119 CVE-2011-0477: Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors.