Google Toolbar vulnerabilities
5 known vulnerabilities affecting google/toolbar.
Total CVEs
5
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3LOW1
Vulnerabilities
Page 1 of 1
CVE-2007-6536MEDIUMCVSS 6.8v4v52007-12-27
CVE-2007-6536 [MEDIUM] CWE-200 CVE-2007-6536: The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in t
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting
nvd
CVE-2004-2475MEDIUMCVSS 4.3PoCv1.1.41v1.1.42+15 more2004-12-31
CVE-2004-2475 [MEDIUM] CVE-2004-2475: Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inje
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a v
nvd
CVE-2002-1442HIGHCVSS 7.5v1.1.41v1.1.42+12 more2003-04-11
CVE-2002-1442 [HIGH] CVE-2002-1442: The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operat
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin ver
nvd
CVE-2002-1443MEDIUMCVSS 5.0v1.1.41v1.1.42+12 more2003-04-11
CVE-2002-1443 [MEDIUM] CVE-2002-1443: The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the too
The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.
nvd
CVE-2002-1444LOWCVSS 2.6PoCv1.1.602002-08-15
CVE-2002-1444 [LOW] CVE-2002-1444: The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.
nvd