Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

3 matches found

CVE•added 2009/04/24 3:30 p.m.•84 views

CVE-2009-1412

Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that se...

7.8CVSS5.9AI score0.00288EPSS

CVE•added 2009/04/24 3:30 p.m.•75 views

CVE-2009-1413

Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of ...

4.3CVSS5.8AI score0.00235EPSS

CVE•added 2009/04/24 3:30 p.m.•67 views

CVE-2009-1414

Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors.

4.3CVSS5.5AI score0.00088EPSS