Chrome@3.0.195.2 Security Vulnerabilities and Issues — Chrome@3.0.195.2 CVE List

Lucene search

GoogleChrome3.0.195.2

11 matches found

CVE•added 2011/08/09 7:55 p.m.•84 views

CVE-2008-7294

Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS)...

5.8CVSS6.2AI score0.00315EPSS

CVE•added 2010/05/03 1:51 p.m.•56 views

CVE-2010-1663

The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

10CVSS6.2AI score0.07393EPSS

CVE•added 2010/05/03 1:51 p.m.•53 views

CVE-2010-1664

Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

5CVSS8.6AI score0.0188EPSS

CVE•added 2010/09/24 7:0 p.m.•52 views

CVE-2010-1767

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest ope...

6.8CVSS8.4AI score0.00632EPSS

CVE•added 2010/04/23 2:30 p.m.•51 views

CVE-2010-1504

Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.

4.3CVSS5.3AI score0.0036EPSS

CVE•added 2010/04/23 2:30 p.m.•50 views

CVE-2010-1500

Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."

7.5CVSS6.3AI score0.00216EPSS

CVE•added 2010/05/03 1:51 p.m.•49 views

CVE-2010-1665

Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

7.5CVSS8.6AI score0.0188EPSS

CVE•added 2010/04/23 2:30 p.m.•47 views

CVE-2010-1505

Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.

10CVSS6.3AI score0.01117EPSS

CVE•added 2010/04/23 2:30 p.m.•47 views

CVE-2010-1506

The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.

7.8CVSS6.2AI score0.00514EPSS

CVE•added 2010/04/23 2:30 p.m.•46 views

CVE-2010-1502

Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."

9.3CVSS6.1AI score0.01754EPSS

CVE•added 2010/04/23 2:30 p.m.•44 views

CVE-2010-1503

Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.

4.3CVSS5.3AI score0.0036EPSS