| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 52642 | 2009-01-29 | Google Chrome onclick Action Crafted Element Arbitrary URL Visiting (ClickJacking) | (Description Provided by CVE): ** DISPUTED ** Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue." |
| 56431 | 2009-04-08 | Google Chrome Page Transition Timeout Cancellation Weakness | (Description Provided by CVE): Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument-injection vulnerability. |
| 54288 | 2009-05-05 | Google Chrome ParamTraits<SkBitmap>::Read Function IPC Channel BMP Handling Overflow | (Description Provided by CVE): Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap that arrives over the IPC channel. |
| 56488 | 2009-06-17 | Google Chrome Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS Site Spoofing | (Description Provided by CVE): Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request. |
| 56245 | 2009-07-16 | Google Chrome Renderer Access "Excessive Memory Allocation" Unspecified Memory Corruption | (Description Provided by CVE): Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation. |
| 58192 | 2009-09-15 | Google Chrome RSS / Atom Feed XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as XML "active content." |
| 62317 | 2010-02-10 | Google Chrome ruby Tag Handling Arbitrary Code Execution | (Description Provided by CVE): WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a `<ruby>><table><rt>` sequence. |
| 63109 | 2010-03-17 | Google Chrome SafeBrowsing Check HTTP Header Processing Weakness | Unknown / Incomplete |
| 63107 | 2010-03-17 | Google Chrome Sandbox Infrastructure Race Condition Unspecified Issue | Unknown / Incomplete |
| 62320 | 2010-02-10 | Google Chrome sandbox/src/crosscall_server.cc CrossCallParamsEx::CreateFromBuffer Function Sandbox Message Deserialization Overflow | (Description Provided by CVE): Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages. |
| 48259 | 2008-09-05 | Google Chrome SaveAs Function Filename Handling Overflow | (Description Provided by CVE): Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. NOTE: it might be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header. |
| 54156 | 2009-02-04 | Google Chrome Set-Cookie* HTTP Response Header XMLHttpRequest Call Handling Remote Information Disclosure | (Description Provided by CVE): Google Chrome before 1.0.154.46 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls and other web script. |
| 53556 | 2009-03-16 | Google Chrome Single Thread Alert Out of Bounds Memory DoS | Unknown / Incomplete |
| 54248 | 2009-05-05 | Google Chrome Skia 2D Graphics Component Image Size Handling Overflow | (Description Provided by CVE): Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas. |
| 62463 | 2010-01-25 | Google Chrome Skia CANVAS Element Sandbox Multiple Overflows | (Description Provided by CVE): Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements. |
| 62468 | 2010-02-10 | Google Chrome SOCKS Server Direct DNS Query Request Logging Information Disclosure | (Description Provided by CVE): Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity. |
| 55132 | 2009-05-01 | Google Chrome src/net/http/http_transaction_winhttp.cc HTTP Host Header Proxy Server CONNECT Response Document Context SSL Tampering Weakness | (Description Provided by CVE): src/net/http/http_transaction_winhttp.cc in Google Chrome before 1.0.154.53 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack. |
| 59744 | 2009-11-05 | Google Chrome src/webkit/glue/webframeloaderclient_impl.cc WebDataSourceImpl::endOfRedirectChain() Function DoS | (Description Provided by CVE): The WebFrameLoaderClient::dispatchDidChangeLocationWithinPage function in src/webkit/glue/webframeloaderclient_impl.cc in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service via a page-local link, related to an "empty redirect chain," as demonstrated by a message in Yahoo! Mail. |
| 59044 | 2009-06-02 | Google Chrome SSL Renegotiation Remote DoS | Unknown / Incomplete |
| 48265 | 2008-09-20 | Google Chrome tab_strip_model.cc Malformed Content DoS | Unknown / Incomplete |
| 54243 | 2009-04-30 | Google Chrome Throw Statement Exception Value Handling DoS | Google Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when a NULL-pointer dereference occurs, and will result in loss of availability for the service. |
| 57475 | 2008-09-02 | Google Chrome Tooltip Manager (chrome/views/tooltip_manager.cc) Tag Attribute Handling Remote DoS | (Description Provided by CVE): The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. NOTE: there is inconsistent information about the environments under which this issue exists. |
| 52638 | 2008-11-11 | Google Chrome Unspecified Address Bar Spoofing | Unknown / Incomplete |
| 63114 | 2010-03-17 | Google Chrome Unspecified Cross-origin Policy Bypass | Unknown / Incomplete |
| 63113 | 2010-03-17 | Google Chrome Unspecified Download Warning Dialog Bypass | Unknown / Incomplete |
| 55278 | 2009-06-22 | Google Chrome Unspecified HTTP Response Handling Overflow | (Description Provided by CVE): Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response. |
| 52643 | 2009-02-03 | Google Chrome URI Handler Registration Cross-browser Command Execution | (Description Provided by CVE): Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors. |
| 48264 | 2008-09-19 | Google Chrome url_elider.cc Status Area Link Target Display Overflow | (Description Provided by CVE): Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link. |
| 62305 | 2010-01-26 | Google Chrome Use-after-free Pop-up Window Handling DoS | (Description Provided by CVE): Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site. |
| 62316 | 2010-02-10 | Google Chrome V8 Engine factory.cc Multiple Overflows | (Description Provided by CVE): Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. |