| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:13716 | V | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. | 2014-04-07 |
| oval:org.mitre.oval:def:14078 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. | 2014-04-07 |
| oval:org.mitre.oval:def:14093 | V | Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14100 | V | DEPRECATED: The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors. | 2014-03-21 |
| oval:org.mitre.oval:def:14179 | V | The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | 2014-04-07 |
| oval:org.mitre.oval:def:14236 | V | Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14284 | V | Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14298 | V | The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14330 | V | Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14331 | V | Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element. | 2014-04-07 |
| oval:org.mitre.oval:def:14333 | V | Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14362 | V | Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14391 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader. | 2014-04-07 |
| oval:org.mitre.oval:def:14406 | V | Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14425 | V | Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | 2014-04-07 |
| oval:org.mitre.oval:def:14437 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. | 2014-04-07 |
| oval:org.mitre.oval:def:14448 | V | Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | 2014-04-07 |
| oval:org.mitre.oval:def:14511 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. | 2014-04-07 |
| oval:org.mitre.oval:def:14515 | V | Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14533 | V | Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14554 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14580 | V | Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. | 2014-04-07 |
| oval:org.mitre.oval:def:14583 | V | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. | 2014-04-07 |
| oval:org.mitre.oval:def:14595 | V | The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14617 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | 2014-04-07 |
| oval:org.mitre.oval:def:14653 | V | Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak." | 2014-04-07 |
| oval:org.mitre.oval:def:14671 | V | Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2014-04-07 |
| oval:org.mitre.oval:def:14674 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. | 2014-04-07 |
| oval:org.mitre.oval:def:14711 | V | Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. | 2014-04-07 |
| oval:org.mitre.oval:def:14751 | V | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in. | 2014-04-07 |