This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:google:chrome:4.1.249.1027 |
| Detail | |||
|---|---|---|---|
| Vendor | First view | 2010-04-01 | |
| Product | Chrome | Last view | 2012-05-01 |
| Version | 4.1.249.1027 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:google:chrome | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 10 | 2012-05-01 | CVE-2012-1521 | Network | Low | None Requ... | |
| 10 | 2012-05-01 | CVE-2011-3081 | Network | Low | None Requ... | |
| 7.5 | 2012-05-01 | CVE-2011-3080 | Network | Low | None Requ... | |
| 10 | 2012-05-01 | CVE-2011-3079 | Network | Low | None Requ... | |
| 10 | 2012-05-01 | CVE-2011-3078 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 10 | 2012-04-06 | CVE-2012-0725 | Network | Low | None Requ... | |
| 10 | 2012-04-06 | CVE-2012-0724 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3077 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3076 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3075 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3074 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3073 | Network | Low | None Requ... | |
| 5 | 2012-04-05 | CVE-2011-3072 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3071 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3070 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3069 | Network | Low | None Requ... | |
| 7.5 | 2012-04-05 | CVE-2011-3068 | Network | Low | None Requ... | |
| 5 | 2012-04-05 | CVE-2011-3067 | Network | Low | None Requ... | |
| 5 | 2012-04-05 | CVE-2011-3066 | Network | Low | None Requ... | |
| 7.5 | 2012-03-30 | CVE-2011-3065 | Network | Low | None Requ... | |
| 7.5 | 2012-03-30 | CVE-2011-3064 | Network | Low | None Requ... | |
| 10 | 2012-03-30 | CVE-2011-3063 | Network | Low | None Requ... | |
| 6.8 | 2012-03-30 | CVE-2011-3062 | Network | Medium | None Requ... | |
| 5.8 | 2012-03-30 | CVE-2011-3061 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 30% (125) | CWE-399 | Resource Management Errors |
| 23% (97) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 23% (97) | CWE-20 | Improper Input Validation |
| 10% (42) | CWE-264 | Permissions, Privileges, and Access Controls |
| 3% (16) | CWE-189 | Numeric Errors |
| % | id | Name |
|---|---|---|
| 2% (9) | CWE-362 | Race Condition |
| 2% (9) | CWE-200 | Information Exposure |
| 1% (6) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (2) | CWE-310 | Cryptographic Issues |
| 0% (2) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:13829 | Multiple race conditions in the sandbox infrastructure in Google Chrome befor... |
| oval:org.mitre.oval:def:14220 | The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not prop... |
| oval:org.mitre.oval:def:14292 | Google Chrome before 4.1.249.1036 does not have the expected behavior for att... |
| oval:org.mitre.oval:def:14332 | Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the ... |
| oval:org.mitre.oval:def:14000 | Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial o... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:14275 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote ... |
| oval:org.mitre.oval:def:14297 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote ... |
| oval:org.mitre.oval:def:14067 | The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit befor... |
| oval:org.mitre.oval:def:14374 | Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a... |
| oval:org.mitre.oval:def:11906 | Type confusion error in Google Chrome version before 4.1.249.1059. |
| oval:org.mitre.oval:def:12041 | Developer tools vulnerability in Google Chrome version before 4.1.249.1059. |
| oval:org.mitre.oval:def:11244 | Cross-site scripting (XSS) vulnerability related to chrome://net-internals [^... |
| oval:org.mitre.oval:def:11418 | Cross-site scripting (XSS) vulnerability allows remote attackers in Google Ch... |
| oval:org.mitre.oval:def:11866 | Prevent pages from loading with the New Tab page's privileges in Google Chrom... |
| oval:org.mitre.oval:def:11925 | Denial of service found in Google Chrome version before 4.1.249.1059 |
| oval:org.mitre.oval:def:6813 | Allows remote attackers to bypass the Origin Policy in Google Chrome version... |
| oval:org.mitre.oval:def:6878 | Problem in handling HTML5 media in Google Chrome version less than 4.1.249.1064 |
| oval:org.mitre.oval:def:7034 | Problem in handling fonts in Google Chrome version less than 4.1.249.1064 |
| oval:org.mitre.oval:def:11140 | Cross-site request forgery in Google Chrome version before 4.1.249.1059. |
| oval:org.mitre.oval:def:7099 | WebKit IBM1147 Character Set Text Transform Remote Code Execution Vulnerability |
| oval:org.mitre.oval:def:11661 | Vulnerability in page/Geolocation.cpp in WebCore in WebKit in Google Chrome ... |
| oval:org.mitre.oval:def:11830 | Vulnerability in toAlphabetic function in rendering/RenderListMarker.cpp in W... |
| oval:org.mitre.oval:def:6691 | Google Chrome WebKit Variable Casting Weakness Malformed SVG Document Handlin... |
| oval:org.mitre.oval:def:7405 | Vulnerability in WebKit used in Google Chrome version less than 6.0.472.59 vi... |
| oval:org.mitre.oval:def:7151 | Vulnerability in WebKit used in Google Chrome version less than 6.0.472.59 vi... |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 78547 | Google Chrome Tree Builder Remote Overflow |
| 78546 | Google Chrome Skia Unitialized Value Unspecified Remote DoS |
| 78545 | Google Chrome Use-after-free DOM Handling Unspecified Remote DoS |
| 78544 | Google Chrome Use-after-free DOM Selections Unspecified Remote DoS |
| 78543 | Google Chrome Use-after-free Safe Browsing Navigation Memory Corruption |
| id | Description |
|---|---|
| 78150 | Google Chrome Glyph Handling Remote Overflow |
| 78149 | Google Chrome Use-after-free Animation Frame Handling Remote Code Execution |
| 78148 | Google Chrome libxml2 parser.c xmlStringLenDecodeEntities() Function Remote O... |
| 77720 | Google Chrome bidi Handling Use-after-free Remote Code Execution |
| 77719 | Google Chrome Filewatcher Unspecified Remote Overflow |
| 77718 | Google Chrome PDF Cross References Out-of-bounds Read Remote DoS |
| 77717 | Google Chrome PDF Font Handling Remote Overflow |
| 77716 | Google Chrome v8 i18n Handling Out-of-bounds Write Remote Code Execution |
| 77715 | Google Chrome Range Handling Use-after-free Remote Code Execution |
| 77714 | Google Chrome SVG Filters Use-after-free Remote Code Execution |
| 77713 | Google Chrome PDF Handling Out-of-bounds Read Remote DoS |
| 77712 | Google Chrome YUV Video Frames Out-of-bounds Read Remote DoS |
| 77711 | Google Chrome CSS Property Array Unspecified Remote Memory Corruption |
| 77710 | Google Chrome SVG Parsing Out-of-bounds Read Remote DoS |
| 77709 | Google Chrome view-source URL Bar Spoofing |
| 77708 | Google Chrome PDF Parser Out-of-bounds Read Remote DoS |
| 77707 | Google Chrome libxml Out-of-bounds Read Remote DoS |
| 77706 | Google Chrome regex Matching Out-of-bounds Read Remote DoS |
| 77608 | Google Chrome JavaScript Implementation getComputedStyle Method Page Handling... |
| 77604 | Google Chrome CSS visited Pseudo-class Handling Browsing History Disclosure |
ExploitDB Exploits
| id | Description |
|---|---|
| 22406 | Konqueror 4.7.3 Memory Corruption |
| 17929 | Google Chrome < 14.0.835.163 PDF File Handling Memory Corruption |
| 12657 | Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL) |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow File : nvt/deb_2439_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2471-1 (ffmpeg - several vulnerabilities File : nvt/deb_2471_1.nasl |
| 2012-12-26 | Name : Fedora Update for qt FEDORA-2012-19715 File : nvt/gb_fedora_2012_19715_qt_fc16.nasl |
| 2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0374-1 (update) File : nvt/gb_suse_2012_0374_1.nasl |
| 2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
| id | Description |
|---|---|
| 2012-10-26 | Name : Ubuntu Update for webkit USN-1617-1 File : nvt/gb_ubuntu_USN_1617_1.nasl |
| 2012-10-19 | Name : Fedora Update for qt FEDORA-2012-15203 File : nvt/gb_fedora_2012_15203_qt_fc16.nasl |
| 2012-10-12 | Name : Mandriva Update for libxslt MDVSA-2012:164 (libxslt) File : nvt/gb_mandriva_MDVSA_2012_164.nasl |
| 2012-10-05 | Name : Ubuntu Update for libxslt USN-1595-1 File : nvt/gb_ubuntu_USN_1595_1.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-10-03 | Name : Fedora Update for libxslt FEDORA-2012-14048 File : nvt/gb_fedora_2012_14048_libxslt_fc16.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-27 | Name : Fedora Update for libxslt FEDORA-2012-14083 File : nvt/gb_fedora_2012_14083_libxslt_fc17.nasl |
| 2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
| 2012-09-17 | Name : RedHat Update for libxslt RHSA-2012:1265-01 File : nvt/gb_RHSA-2012_1265-01_libxslt.nasl |
| 2012-09-17 | Name : CentOS Update for libxslt CESA-2012:1265 centos5 File : nvt/gb_CESA-2012_1265_libxslt_centos5.nasl |
| 2012-09-17 | Name : CentOS Update for libxslt CESA-2012:1265 centos6 File : nvt/gb_CESA-2012_1265_libxslt_centos6.nasl |
| 2012-09-17 | Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows) File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl |
| 2012-09-10 | Name : Slackware Advisory SSA:2012-206-01 libpng File : nvt/esoft_slk_ssa_2012_206_01.nasl |
| 2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-3507 File : nvt/gb_fedora_2012_3507_libpng10_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-3605 File : nvt/gb_fedora_2012_3605_libpng_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0031 | Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0036787 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0032171 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25066 - Type : FILE-IMAGE - Revision : 3 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25065 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | Google Chrome net-internals uri fragment identifier XSS attempt RuleID : 23471 - Type : BROWSER-CHROME - Revision : 5 |
| 2014-01-10 | Google Chrome and Apple Safari runin handling use after free attempt RuleID : 23015 - Type : BROWSER-CHROME - Revision : 4 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22109 - Type : FILE-IMAGE - Revision : 6 |
| Date | Description |
|---|---|
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22108 - Type : FILE-IMAGE - Revision : 6 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22107 - Type : FILE-IMAGE - Revision : 6 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22106 - Type : FILE-IMAGE - Revision : 7 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22105 - Type : FILE-IMAGE - Revision : 8 |
| 2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22104 - Type : FILE-IMAGE - Revision : 7 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21990 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21989 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21988 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21987 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21986 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21985 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | Apple Webkit Display box rendering corruption attempt RuleID : 20997 - Type : BROWSER-WEBKIT - Revision : 8 |
| 2014-01-10 | Google Chrome and Apple Safari Ruby before and after memory corruption RuleID : 20579 - Type : BROWSER-CHROME - Revision : 4 |
| 2014-01-10 | Google Chrome float rendering corruption attempt RuleID : 19710 - Type : BROWSER-CHROME - Revision : 6 |
| 2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19217 - Type : BROWSER-CHROME - Revision : 9 |
| 2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19216 - Type : BROWSER-CHROME - Revision : 9 |
| 2014-01-10 | Apple Safari Webkit CSS Charset Text transformation code execution attempt RuleID : 19096 - Type : BROWSER-WEBKIT - Revision : 5 |
| 2014-01-10 | Apple Safari Webkit CSS Charset Text transformation code execution attempt RuleID : 19095 - Type : BROWSER-WEBKIT - Revision : 5 |
| 2014-01-10 | Google Chrome GURL cross origin bypass attempt RuleID : 16668 - Type : BROWSER-CHROME - Revision : 5 |
| 2014-01-10 | Google Chrome GURL cross origin bypass attempt RuleID : 16667 - Type : BROWSER-CHROME - Revision : 6 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_764879_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-11-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxslt-131106.nasl - Type : ACT_GATHER_INFO |
| 2013-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-12.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-123.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-36.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-49.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-56.nasl - Type : ACT_GATHER_INFO |
| 2013-08-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_4d087b35099011e3a9f4bcaec565249c.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0317.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0407.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0471.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0515.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0516.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0880.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1265.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0999.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0016.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0017.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0018.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0177.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0140.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0141.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0142.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0143.nasl - Type : ACT_GATHER_INFO |
