Lucene search

[email protected]CVE-2012-2888

HistorySep 26, 2012 - 10:56 a.m.

CVE-2012-2888

2012-09-2610:56:04

CWE-399

[email protected]

web.nvd.nist.gov

google chrome

cve-2012-2888

use-after-free

vulnerability

denial of service

remote attackers

svg text references

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.

Affected configurations

NVD

Node

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

Node

googlechromeRange≤22.0.1229.78

googlechromeMatch22.0.1229.0

googlechromeMatch22.0.1229.1

googlechromeMatch22.0.1229.2

googlechromeMatch22.0.1229.3

googlechromeMatch22.0.1229.4

googlechromeMatch22.0.1229.6

googlechromeMatch22.0.1229.7

googlechromeMatch22.0.1229.8

googlechromeMatch22.0.1229.9

googlechromeMatch22.0.1229.10

googlechromeMatch22.0.1229.11

googlechromeMatch22.0.1229.12

googlechromeMatch22.0.1229.14

googlechromeMatch22.0.1229.16

googlechromeMatch22.0.1229.17

googlechromeMatch22.0.1229.18

googlechromeMatch22.0.1229.20

googlechromeMatch22.0.1229.21

googlechromeMatch22.0.1229.22

googlechromeMatch22.0.1229.23

googlechromeMatch22.0.1229.24

googlechromeMatch22.0.1229.25

googlechromeMatch22.0.1229.26

googlechromeMatch22.0.1229.27

googlechromeMatch22.0.1229.28

googlechromeMatch22.0.1229.29

googlechromeMatch22.0.1229.31

googlechromeMatch22.0.1229.32

googlechromeMatch22.0.1229.33

googlechromeMatch22.0.1229.35

googlechromeMatch22.0.1229.36

googlechromeMatch22.0.1229.37

googlechromeMatch22.0.1229.39

googlechromeMatch22.0.1229.48

googlechromeMatch22.0.1229.49

googlechromeMatch22.0.1229.50

googlechromeMatch22.0.1229.51

googlechromeMatch22.0.1229.52

googlechromeMatch22.0.1229.53

googlechromeMatch22.0.1229.54

googlechromeMatch22.0.1229.55

googlechromeMatch22.0.1229.56

googlechromeMatch22.0.1229.57

googlechromeMatch22.0.1229.58

googlechromeMatch22.0.1229.59

googlechromeMatch22.0.1229.60

googlechromeMatch22.0.1229.62

googlechromeMatch22.0.1229.63

googlechromeMatch22.0.1229.64

googlechromeMatch22.0.1229.65

googlechromeMatch22.0.1229.67

googlechromeMatch22.0.1229.76

CPENameOperatorVersion
opensuse:opensuseopensuseeq12.1
opensuse:opensuseopensuseeq12.2

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	12.1
opensuse:opensuse	opensuse	eq	12.2

References

googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html

lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html

code.google.com/p/chromium/issues/detail?id=143656

exchange.xforce.ibmcloud.com/vulnerabilities/78829

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15612

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.2 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for CVE-2012-2888

prion1 debiancve1 cvelist1 nvd1 ubuntucve1 nessus6 openvas12 suse1 freebsd1 threatpost1 chrome1 gentoo1