Chrome@21.0.1180.78 Security Vulnerabilities and Issues — Chrome@21.0.1180.78 CVE List

Lucene search

GoogleChrome21.0.1180.78

10 matches found

CVE•added 2012/08/31 7:55 p.m.•84 views

CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xs...

4.3CVSS6.6AI score0.00906EPSS

CVE•added 2012/08/31 7:55 p.m.•79 views

CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, relate...

6.8CVSS7.4AI score0.00601EPSS

CVE•added 2014/01/05 8:55 p.m.•67 views

CVE-2012-2898

Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibox URL via vectors involving SSL error messages, a related issue to CVE-2012-0674.

5CVSS6.1AI score0.00359EPSS

CVE•added 2012/08/31 7:55 p.m.•65 views

CVE-2012-2865

Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

4.3CVSS8.5AI score0.00972EPSS

CVE•added 2012/08/31 7:55 p.m.•58 views

CVE-2012-2868

Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.

6.8CVSS9.2AI score0.00918EPSS

CVE•added 2012/08/31 7:55 p.m.•58 views

CVE-2012-2869

Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."

7.5CVSS9.3AI score0.01382EPSS

CVE•added 2012/08/31 7:55 p.m.•56 views

CVE-2012-2872

Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS7.2AI score0.0036EPSS

CVE•added 2012/08/31 7:55 p.m.•52 views

CVE-2012-2866

Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

7.5CVSS9.1AI score0.01615EPSS

CVE•added 2012/08/31 7:55 p.m.•52 views

CVE-2012-2867

The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

5CVSS8.5AI score0.01382EPSS

CVE•added 2014/01/05 8:55 p.m.•42 views

CVE-2012-2899

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.

4.3CVSS5.5AI score0.00087EPSS