Google

Chrome

3770 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-3059

  • EPSS 2.35%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

6.8

CVE-2011-3060

Exploit
  • EPSS 2.35%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

5.8

CVE-2011-3061

Exploit
  • EPSS 0.24%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.

6.8

CVE-2011-3062

  • EPSS 2.39%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.

4.3

CVE-2011-3063

  • EPSS 0.48%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.

7.5

CVE-2011-3064

  • EPSS 5.94%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

6.8

CVE-2011-3065

Exploit
  • EPSS 1.79%
  • Veröffentlicht 30.03.2012 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

5

CVE-2011-3049

  • EPSS 1.9%
  • Veröffentlicht 23.03.2012 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.

9.3

CVE-2012-1845

Medienbericht
  • EPSS 2.51%
  • Veröffentlicht 22.03.2012 16:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition...

10

CVE-2012-1846

Medienbericht
  • EPSS 2.06%
  • Veröffentlicht 22.03.2012 16:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affecte...