OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations... oval:org.mitre.oval:def:14188 Vulnerability windows
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging a... oval:org.mitre.oval:def:14940 Vulnerability windows
Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possib... oval:org.mitre.oval:def:14374 Vulnerability windows
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library oval:org.mitre.oval:def:12104 Vulnerability windows
Google Chrome before 5.0.375.127 does not properly mitigate an unspecified flaw in the Windows kernel oval:org.mitre.oval:def:11918 Vulnerability windows
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel oval:org.mitre.oval:def:11890 Vulnerability windows
Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicaliza... oval:org.mitre.oval:def:12113 Vulnerability windows
Google Chrome before 7.0.517.41 does not properly handle animated GIF images oval:org.mitre.oval:def:7646 Vulnerability windows
Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof... oval:org.mitre.oval:def:7627 Vulnerability windows
Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality oval:org.mitre.oval:def:7159 Vulnerability windows
Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms oval:org.mitre.oval:def:6867 Vulnerability windows
Google Chrome before 7.0.517.41 does not properly handle forms oval:org.mitre.oval:def:6775 Vulnerability windows
Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs oval:org.mitre.oval:def:13246 Vulnerability windows
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal oval:org.mitre.oval:def:13196 Vulnerability windows
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs oval:org.mitre.oval:def:13179 Vulnerability windows
Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions oval:org.mitre.oval:def:13172 Vulnerability windows
Google Chrome before 15.0.874.102 allows remote attackers to bypass the Same Origin Policy oval:org.mitre.oval:def:12940 Vulnerability windows
Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP header... oval:org.mitre.oval:def:12672 Vulnerability windows
Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are u... oval:org.mitre.oval:def:14500 Vulnerability windows
Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote a... oval:org.mitre.oval:def:14332 Vulnerability windows
Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows ... oval:org.mitre.oval:def:14323 Vulnerability windows
Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in ... oval:org.mitre.oval:def:14306 Vulnerability windows
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear... oval:org.mitre.oval:def:14292 Vulnerability windows
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote att... oval:org.mitre.oval:def:14267 Vulnerability windows
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation bef... oval:org.mitre.oval:def:14266 Vulnerability windows
Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances inv... oval:org.mitre.oval:def:14247 Vulnerability windows
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denia... oval:org.mitre.oval:def:14166 Vulnerability windows
Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have u... oval:org.mitre.oval:def:14000 Vulnerability windows
Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows rem... oval:org.mitre.oval:def:13926 Vulnerability windows
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redi... oval:org.mitre.oval:def:14759 Vulnerability windows

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html