| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:13414 | V | ** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug." | 2014-04-07 |
| oval:org.mitre.oval:def:13551 | V | Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:13716 | V | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. | 2014-04-07 |
| oval:org.mitre.oval:def:13789 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. | 2014-04-07 |
| oval:org.mitre.oval:def:13840 | V | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | 2014-04-07 |
| oval:org.mitre.oval:def:13853 | V | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:13887 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | 2014-04-07 |
| oval:org.mitre.oval:def:13915 | V | Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button. | 2014-04-07 |
| oval:org.mitre.oval:def:13948 | V | Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:13966 | V | Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content. | 2014-04-07 |
| oval:org.mitre.oval:def:13995 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. | 2014-04-07 |
| oval:org.mitre.oval:def:14019 | V | Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | 2014-04-07 |
| oval:org.mitre.oval:def:14032 | V | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14040 | V | Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14047 | V | The WebSockets implementation in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14075 | V | Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. | 2014-04-07 |
| oval:org.mitre.oval:def:14078 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. | 2014-04-07 |
| oval:org.mitre.oval:def:14093 | V | Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14100 | V | DEPRECATED: The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14107 | V | DEPRECATED: Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-03-19 |
| oval:org.mitre.oval:def:14134 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. | 2014-04-07 |
| oval:org.mitre.oval:def:14139 | V | DEPRECATED: Google Chrome before 14.0.835.163 on Linux does not use the PIC and PIE compiler options for position-independent code, which has unspecified impact and attack vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14155 | V | Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation. | 2014-04-07 |
| oval:org.mitre.oval:def:14166 | V | Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:14179 | V | The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | 2014-04-07 |
| oval:org.mitre.oval:def:14224 | V | Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14229 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | 2014-04-07 |
| oval:org.mitre.oval:def:14234 | V | Race condition in Google Chrome before 14.0.835.163 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the certificate cache. | 2014-04-07 |
| oval:org.mitre.oval:def:14236 | V | Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14250 | V | Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | 2014-04-07 |
| oval:org.mitre.oval:def:14261 | V | Google Chrome before 14.0.835.163 does not properly consider the MIME type during the loading of a plug-in, which has unspecified impact and remote attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14262 | V | Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14265 | V | Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | 2014-04-07 |
| oval:org.mitre.oval:def:14266 | V | Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. | 2014-04-07 |
| oval:org.mitre.oval:def:14267 | V | Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14268 | V | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14284 | V | Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14296 | V | Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14298 | V | The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14299 | V | The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14315 | V | Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14319 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. | 2014-04-07 |
| oval:org.mitre.oval:def:14330 | V | Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14331 | V | Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element. | 2014-04-07 |
| oval:org.mitre.oval:def:14333 | V | Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14336 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14362 | V | Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14371 | V | DEPRECATED: The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14383 | V | Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins. | 2014-04-07 |
| oval:org.mitre.oval:def:14391 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader. | 2014-04-07 |
| oval:org.mitre.oval:def:14395 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14406 | V | Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14410 | V | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14421 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. | 2014-04-07 |
| oval:org.mitre.oval:def:14423 | V | Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | 2014-04-07 |
| oval:org.mitre.oval:def:14425 | V | Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14428 | V | DEPRECATED: The installer in Google Chrome before 14.0.835.163 on Mac OS X does not properly handle lock files, which has unspecified impact and attack vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14431 | V | Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14434 | V | Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14437 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. | 2014-04-07 |
| oval:org.mitre.oval:def:14439 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box. | 2014-04-07 |
| oval:org.mitre.oval:def:14441 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14448 | V | Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | 2014-04-07 |
| oval:org.mitre.oval:def:14451 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14454 | V | Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14470 | V | Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14484 | V | Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. | 2014-04-07 |
| oval:org.mitre.oval:def:14485 | V | Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | 2014-04-07 |
| oval:org.mitre.oval:def:14491 | V | Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to "unusual user interaction." | 2014-04-07 |
| oval:org.mitre.oval:def:14494 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14496 | V | Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14499 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. | 2014-04-07 |
| oval:org.mitre.oval:def:14504 | V | Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14511 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. | 2014-04-07 |
| oval:org.mitre.oval:def:14515 | V | Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14516 | V | Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. | 2014-04-07 |
| oval:org.mitre.oval:def:14517 | V | Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14519 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. | 2014-04-07 |
| oval:org.mitre.oval:def:14522 | V | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. | 2014-04-07 |
| oval:org.mitre.oval:def:14527 | V | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14533 | V | Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14537 | V | Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14538 | V | Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. | 2014-04-07 |
| oval:org.mitre.oval:def:14547 | V | Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14548 | V | The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14550 | V | The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14551 | V | Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14552 | V | Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14554 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14569 | V | Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. | 2014-04-07 |
| oval:org.mitre.oval:def:14579 | V | The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14580 | V | Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. | 2014-04-07 |
| oval:org.mitre.oval:def:14583 | V | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14585 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes. | 2014-04-07 |
| oval:org.mitre.oval:def:14592 | V | Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14593 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. | 2014-04-07 |
| oval:org.mitre.oval:def:14594 | V | Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14595 | V | The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14608 | V | Google Chrome before 13.0.782.215 on Windows does not properly handle vertex data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14611 | V | Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspecified impact and attack vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14617 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14628 | V | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. | 2014-04-07 |
| oval:org.mitre.oval:def:14643 | V | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. | 2014-04-07 |
| oval:org.mitre.oval:def:14653 | V | Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak." | 2014-04-07 |
| oval:org.mitre.oval:def:14667 | V | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14671 | V | Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2014-04-07 |
| oval:org.mitre.oval:def:14674 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. | 2014-04-07 |
| oval:org.mitre.oval:def:14677 | V | Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation. | 2014-04-07 |
| oval:org.mitre.oval:def:14683 | V | Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14690 | V | Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14691 | V | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." | 2014-04-07 |
| oval:org.mitre.oval:def:14694 | V | Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font." | 2014-04-07 |
| oval:org.mitre.oval:def:14695 | V | Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | 2014-04-07 |
| oval:org.mitre.oval:def:14696 | V | Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14704 | V | Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14710 | V | Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14711 | V | Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14751 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in. | 2014-04-07 |
| oval:org.mitre.oval:def:14761 | V | libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14763 | V | Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | 2014-04-07 |
| oval:org.mitre.oval:def:14791 | V | Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14840 | V | The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | 2014-04-07 |
| oval:org.mitre.oval:def:14847 | V | Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14869 | V | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14871 | V | Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14891 | V | Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. | 2014-04-07 |
| oval:org.mitre.oval:def:14919 | V | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. | 2014-04-07 |
| oval:org.mitre.oval:def:14955 | V | Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | 2014-04-07 |
| oval:org.mitre.oval:def:14998 | V | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. | 2014-04-07 |
| oval:org.mitre.oval:def:15020 | V | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. | 2014-04-07 |
| oval:org.mitre.oval:def:15025 | V | translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. | 2014-04-07 |
| oval:org.mitre.oval:def:15032 | V | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | 2014-04-07 |
| oval:org.mitre.oval:def:15533 | V | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. | 2014-04-07 |