Lucene search

[email protected]CVE-2012-2868

HistoryAug 31, 2012 - 7:55 p.m.

CVE-2012-2868

2012-08-3119:55:00

CWE-362

[email protected]

web.nvd.nist.gov

google chrome

cve-2012-2868

race condition

denial of service

remote attackers

xmlhttprequest

xhr

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON

Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.

Affected configurations

NVD

Node

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

Node

googlechromeRange≤21.0.1180.88

googlechromeMatch21.0.1180.0

googlechromeMatch21.0.1180.1

googlechromeMatch21.0.1180.2

googlechromeMatch21.0.1180.31

googlechromeMatch21.0.1180.32

googlechromeMatch21.0.1180.33

googlechromeMatch21.0.1180.34

googlechromeMatch21.0.1180.35

googlechromeMatch21.0.1180.36

googlechromeMatch21.0.1180.37

googlechromeMatch21.0.1180.38

googlechromeMatch21.0.1180.39

googlechromeMatch21.0.1180.41

googlechromeMatch21.0.1180.46

googlechromeMatch21.0.1180.47

googlechromeMatch21.0.1180.48

googlechromeMatch21.0.1180.49

googlechromeMatch21.0.1180.50

googlechromeMatch21.0.1180.51

googlechromeMatch21.0.1180.52

googlechromeMatch21.0.1180.53

googlechromeMatch21.0.1180.54

googlechromeMatch21.0.1180.55

googlechromeMatch21.0.1180.56

googlechromeMatch21.0.1180.57

googlechromeMatch21.0.1180.59

googlechromeMatch21.0.1180.60

googlechromeMatch21.0.1180.61

googlechromeMatch21.0.1180.62

googlechromeMatch21.0.1180.63

googlechromeMatch21.0.1180.64

googlechromeMatch21.0.1180.68

googlechromeMatch21.0.1180.69

googlechromeMatch21.0.1180.70

googlechromeMatch21.0.1180.71

googlechromeMatch21.0.1180.72

googlechromeMatch21.0.1180.73

googlechromeMatch21.0.1180.74

googlechromeMatch21.0.1180.75

googlechromeMatch21.0.1180.76

googlechromeMatch21.0.1180.77

googlechromeMatch21.0.1180.78

googlechromeMatch21.0.1180.79

googlechromeMatch21.0.1180.80

googlechromeMatch21.0.1180.81

googlechromeMatch21.0.1180.82

googlechromeMatch21.0.1180.83

googlechromeMatch21.0.1180.84

googlechromeMatch21.0.1180.85

googlechromeMatch21.0.1180.86

googlechromeMatch21.0.1180.87

CPENameOperatorVersion
opensuse:opensuseopensuseeq12.1
opensuse:opensuseopensuseeq12.2

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	12.1
opensuse:opensuse	opensuse	eq	12.2

References

code.google.com/p/chromium/issues/detail?id=136881

googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html

osvdb.org/85033

exchange.xforce.ibmcloud.com/vulnerabilities/78177

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15842

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON

Related for CVE-2012-2868

prion1 cvelist1 nvd1 debiancve1 ubuntucve1 freebsd1 nessus6 suse1 openvas12 chrome1 gentoo1