| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:13414 | V | ** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug." | 2014-04-07 |
| oval:org.mitre.oval:def:13551 | V | Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:13840 | V | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | 2014-04-07 |
| oval:org.mitre.oval:def:13853 | V | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14032 | V | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14139 | V | DEPRECATED: Google Chrome before 14.0.835.163 on Linux does not use the PIC and PIE compiler options for position-independent code, which has unspecified impact and attack vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14155 | V | Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation. | 2014-04-07 |
| oval:org.mitre.oval:def:14166 | V | Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:14229 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | 2014-04-07 |
| oval:org.mitre.oval:def:14250 | V | Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | 2014-04-07 |
| oval:org.mitre.oval:def:14262 | V | Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14265 | V | Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | 2014-04-07 |
| oval:org.mitre.oval:def:14266 | V | Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. | 2014-04-07 |
| oval:org.mitre.oval:def:14267 | V | Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14336 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14410 | V | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14423 | V | Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | 2014-04-07 |
| oval:org.mitre.oval:def:14428 | V | DEPRECATED: The installer in Google Chrome before 14.0.835.163 on Mac OS X does not properly handle lock files, which has unspecified impact and attack vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14431 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14484 | V | Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:14516 | V | Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. | 2014-04-07 |