Details of VAR-201211-0061

ID

VAR-201211-0061

CVE

CVE-2012-5115

TITLE

Mac OS X Run on Google Chrome Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-005277

DESCRIPTION

Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes.". (DoS) There are vulnerabilities that can be affected indefinitely, such as being in a state.Service disruption by a third party (DoS) There is a possibility of being affected unspecified, such as being in a state. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions, or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 23.0.1271.64 are vulnerable. Google Chrome is a web browser developed by Google (Google). A remote attacker could exploit this vulnerability to trigger 'world-writable' via an unknown vector, causing a denial of service or other unspecified effects. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA51210 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210 RELEASE DATE: 2012-11-07 DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51210/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51210 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. 1) The application bundles a vulnerable version of Adobe Flash Player. For more information: SA51213 2) An integer overflow error exists in WebP handling. 3) An error in v8 can be exploited to cause an out-of-bounds array access. 4) A use-after-free error exists in SVG filter handling. 5) An error exists related to integer boundary checks within GPU command buffers. 6) A use-after-free error exists in video layout handling. 7) An error exists related to inappropriate loading of SVG subresource in "img" context. 8) A race condition error exists in Pepper buffer handling. 9) A type casting error exists in certain input handling. 10) An error in Skia can be exploited to cause an out-of-bounds read. 11) An error in texture handling can be exploited to corrupt memory. 12) A use-after-free error exists in extension tab handling. 13) A use-after-free error exists in plug-in placeholder handling. 14) An error in v8 can be exploited to corrupt memory. SOLUTION: Upgrade to version 23.0.1271.64. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-5115 // JVNDB: JVNDB-2012-005277 // BID: 56413 // VULHUB: VHN-58396 // PACKETSTORM: 117960

AFFECTED PRODUCTS

vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.10	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.20	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.53	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.11	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.13	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.15	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.12	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.54	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.52	Trust: 1.6
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.14	Trust: 1.6
vendor:	google	model:	chrome	scope:	lte	version:	23.0.1271.62	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.18	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.26	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.19	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.33	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.16	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.36	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.49	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.38	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.56	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.59	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.22	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.51	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.17	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.55	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.3	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.39	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.57	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.7	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.58	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.31	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.21	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.35	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.23	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.37	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.40	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.46	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.30	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.24	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.1	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.32	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.50	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.41	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.8	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.60	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.61	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.9	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.2	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.0	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.6	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.45	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.5	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.44	Trust: 1.0
vendor:	google	model:	chrome	scope:	eq	version:	23.0.1271.4	Trust: 1.0
vendor:	google	model:	chrome	scope:	lt	version:	23.0.1271.64	Trust: 0.8
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.220	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.101	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.83	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.94	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	3.0.195.21	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.375127	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.100	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.57	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.1.249.1042	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	19.0.1084.21	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.223	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.81	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.55	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.46	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.303	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.59	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.168	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.375.70	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.36	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.20	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.53	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.300	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.49	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	3.0.195.32	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.75	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.60	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.203	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.105	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.10	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.211	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.18	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	6.0.47255	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	20.0.1132.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.221	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	19.0.1084.52	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.104	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.12	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.213	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.306	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.102	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.204	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	3.0.195.38	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.307	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.375125	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.208	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.128	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.19	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	0.2.149.27	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.301	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.89	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.14	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.15	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.205	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.16	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.1.2491064	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.17	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.204	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.222	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.215	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	3.0.195.33	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.127	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.65	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.65	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.225	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	3.0.195.24	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.21	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.142	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	22.0.1229.79	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.107	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.302	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.219	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.310	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.91275	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.375.55	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.96379	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.33	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.218	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.217	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.224	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.103	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.112	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.71	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.100	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	7.0.548.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	6.0.472.59	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	6.0.472.62	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.37599	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.13	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12.0.742.91	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.78	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	0.3.1549	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.61	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.308	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.84	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.210	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.550.0	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.82	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.56	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.50	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.37	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.0.249.89	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874.120	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	22.0.1229.94	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.107	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.77	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.309	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.214	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	20.0.1132.57	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.209	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	0.2.149.30	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.202	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.226	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.60	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.96365	Trust: 0.3
vendor:	google	model:	javascript engine	scope:	ne	version:	v83.13.7.5	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.1.249.1045	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	20.0.1132.23	Trust: 0.3
vendor:	google	model:	chrome beta	scope:	eq	version:	3.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	19	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	22.0.1229.92	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.0.249.78	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.201	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.31	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.11	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.696.68	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11.0.672.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	7.0.517.43	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874.121	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	12	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.163	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.549.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	7.0.517.44	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.77	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.304	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.151	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.83	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	18.0.1025.162	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.207	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.112	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	11	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.212	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.305	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.216	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.237	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.344	Trust: 0.3
vendor:	google	model:	javascript engine	scope:	eq	version:	v83.13.7	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	6.0.472.53	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	7.0.517.41	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	15.0.874102	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.206	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.48	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.133	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.79	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	13.0.782.215	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	10.0.648.205	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.200	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.186	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	1.0.154.64	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.0.211.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	ne	version:	23.0.1271.64	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	17.0.963.46	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	21.0.1180.75	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	5.0.37586	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	16.0.912.63	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.1.2491059	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	4.1.2491036	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	0.2.149.29	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	14.0.835.202	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	2.0.172.30	Trust: 0.3

sources: BID: 56413 // JVNDB: JVNDB-2012-005277 // CNNVD: CNNVD-201211-138 // NVD: CVE-2012-5115

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-5115
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-5115
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201211-138
value:	HIGH
Trust: 0.6
VULHUB:	VHN-58396
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-5115
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-58396
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-58396 // JVNDB: JVNDB-2012-005277 // CNNVD: CNNVD-201211-138 // NVD: CVE-2012-5115

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-58396 // JVNDB: JVNDB-2012-005277 // NVD: CVE-2012-5115

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201211-138

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201211-138

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-005277

PATCH

title:	Google Chrome	url:	http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja	Trust: 0.8
title:	Stable Channel Release and Beta Channel Update	url:	http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html	Trust: 0.8
title:	GoogleChrome23.0.1271.97	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45363	Trust: 0.6

sources: JVNDB: JVNDB-2012-005277 // CNNVD: CNNVD-201211-138

EXTERNAL IDS

db:	NVD	id:	CVE-2012-5115	Trust: 2.8
db:	BID	id:	56413	Trust: 1.4
db:	OSVDB	id:	87084	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-005277	Trust: 0.8
db:	CNNVD	id:	CNNVD-201211-138	Trust: 0.7
db:	SECUNIA	id:	51210	Trust: 0.7
db:	VULHUB	id:	VHN-58396	Trust: 0.1
db:	PACKETSTORM	id:	117960	Trust: 0.1

sources: VULHUB: VHN-58396 // BID: 56413 // JVNDB: JVNDB-2012-005277 // PACKETSTORM: 117960 // CNNVD: CNNVD-201211-138 // NVD: CVE-2012-5115

REFERENCES

url:	http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html	Trust: 2.0
url:	https://code.google.com/p/chromium/issues/detail?id=149904	Trust: 1.7
url:	http://www.securityfocus.com/bid/56413	Trust: 1.1
url:	http://osvdb.org/87084	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/79861	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5115	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5115	Trust: 0.8
url:	http://secunia.com/advisories/51210	Trust: 0.6
url:	http://www.google.com/chrome	Trust: 0.3
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=51210	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/51210/#comments	Trust: 0.1
url:	http://secunia.com/blog/325/	Trust: 0.1
url:	http://secunia.com/advisories/51210/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-58396 // BID: 56413 // JVNDB: JVNDB-2012-005277 // PACKETSTORM: 117960 // CNNVD: CNNVD-201211-138 // NVD: CVE-2012-5115

CREDITS

miaubiz, Phil Turnbull, Atte Kettunen of OUSPG, Felix Gr&amp;amp;amp;amp;amp;amp;ouml;bert of the Google Security Team, Fermin Serna of the Google Security Team, Google Chrome Security Team (Inferno) and Cris Neckar of the Google Security Team.

Trust: 0.3

sources: BID: 56413

SOURCES

db:	VULHUB	id:	VHN-58396
db:	BID	id:	56413
db:	JVNDB	id:	JVNDB-2012-005277
db:	PACKETSTORM	id:	117960
db:	CNNVD	id:	CNNVD-201211-138
db:	NVD	id:	CVE-2012-5115

LAST UPDATE DATE

2025-04-11T22:09:04.382000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-58396	date:	2017-08-29T00:00:00
db:	BID	id:	56413	date:	2015-04-13T21:40:00
db:	JVNDB	id:	JVNDB-2012-005277	date:	2012-11-08T00:00:00
db:	CNNVD	id:	CNNVD-201211-138	date:	2012-11-08T00:00:00
db:	NVD	id:	CVE-2012-5115	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-58396	date:	2012-11-07T00:00:00
db:	BID	id:	56413	date:	2012-11-06T00:00:00
db:	JVNDB	id:	JVNDB-2012-005277	date:	2012-11-08T00:00:00
db:	PACKETSTORM	id:	117960	date:	2012-11-08T11:19:15
db:	CNNVD	id:	CNNVD-201211-138	date:	2012-11-08T00:00:00
db:	NVD	id:	CVE-2012-5115	date:	2012-11-07T11:43:14.757