| Definition ID | Class | Title | Last Modified |
|---|
| oval:org.mitre.oval:def:18335 | V | Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, via vectors involving the movement of a media element between documents | 2013-12-23 |
| oval:org.mitre.oval:def:18401 | V | The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning | 2013-12-23 |
| oval:org.mitre.oval:def:19006 | V | Use-after-free vulnerability in Google Chrome before 31.0.1650.48 via vectors related to the x-webkit-speech attribute in a text INPUT element | 2013-12-23 |
| oval:org.mitre.oval:def:19108 | V | net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation | 2013-12-23 |
| oval:org.mitre.oval:def:19113 | V | net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes | 2013-12-23 |
| oval:org.mitre.oval:def:19168 | V | Use-after-free vulnerability in Google Chrome before 31.0.1650.48 via vectors involving the string values of id attributes | 2013-12-23 |
| oval:org.mitre.oval:def:19183 | V | Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 | 2013-12-23 |
| oval:org.mitre.oval:def:19257 | V | Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event | 2013-12-23 |
| oval:org.mitre.oval:def:19311 | V | The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout | 2013-12-23 |
| oval:org.mitre.oval:def:21152 | V | The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | 2014-10-06 |
| oval:org.mitre.oval:def:21236 | V | The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | 2014-10-06 |