Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Chrome  >> 10.0.648.128  Security Vulnerabilities
CVE-2011-2804
Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.
CVSS Score
4.3
EPSS Score
0.03
Published
2011-08-03
CVE-2011-2805
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.006
Published
2011-08-03
CVE-2011-2818
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
CVSS Score
6.8
EPSS Score
0.036
Published
2011-08-03
CVE-2011-2819
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
CVSS Score
6.8
EPSS Score
0.007
Published
2011-08-03
CVE-2011-2358
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.
CVSS Score
6.8
EPSS Score
0.007
Published
2011-08-03
CVE-2011-2359
Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVSS Score
6.8
EPSS Score
0.044
Published
2011-08-03
CVE-2011-2360
Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site.
CVSS Score
4.3
EPSS Score
0.003
Published
2011-08-03
CVE-2011-2361
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.
CVSS Score
4.3
EPSS Score
0.003
Published
2011-08-03
CVE-2011-2782
The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2011-08-03
CVE-2011-2783
Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.
CVSS Score
6.8
EPSS Score
0.007
Published
2011-08-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved