Heap buffer overflow in ANGLE in Google Chrome prior to 1.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page
Insufficient data validation in Extensions in Google Chrome prior to 1.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page
