Lucene search

[email protected]CVE-2012-5141

HistoryDec 12, 2012 - 11:38 a.m.

CVE-2012-5141

2012-12-1211:38:44

[email protected]

web.nvd.nist.gov

cve-2012-5141

google chrome

vulnerability

instantiation restriction

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.5%

JSON

Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors.

Affected configurations

NVD

Node

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

Node

googlechromeRange≤23.0.1271.96

googlechromeMatch23.0.1271.0

googlechromeMatch23.0.1271.1

googlechromeMatch23.0.1271.2

googlechromeMatch23.0.1271.3

googlechromeMatch23.0.1271.4

googlechromeMatch23.0.1271.5

googlechromeMatch23.0.1271.6

googlechromeMatch23.0.1271.7

googlechromeMatch23.0.1271.8

googlechromeMatch23.0.1271.9

googlechromeMatch23.0.1271.10

googlechromeMatch23.0.1271.11

googlechromeMatch23.0.1271.12

googlechromeMatch23.0.1271.13

googlechromeMatch23.0.1271.14

googlechromeMatch23.0.1271.15

googlechromeMatch23.0.1271.16

googlechromeMatch23.0.1271.17

googlechromeMatch23.0.1271.18

googlechromeMatch23.0.1271.19

googlechromeMatch23.0.1271.20

googlechromeMatch23.0.1271.21

googlechromeMatch23.0.1271.22

googlechromeMatch23.0.1271.23

googlechromeMatch23.0.1271.24

googlechromeMatch23.0.1271.26

googlechromeMatch23.0.1271.30

googlechromeMatch23.0.1271.31

googlechromeMatch23.0.1271.32

googlechromeMatch23.0.1271.33

googlechromeMatch23.0.1271.35

googlechromeMatch23.0.1271.36

googlechromeMatch23.0.1271.37

googlechromeMatch23.0.1271.38

googlechromeMatch23.0.1271.39

googlechromeMatch23.0.1271.40

googlechromeMatch23.0.1271.41

googlechromeMatch23.0.1271.44

googlechromeMatch23.0.1271.45

googlechromeMatch23.0.1271.46

googlechromeMatch23.0.1271.49

googlechromeMatch23.0.1271.50

googlechromeMatch23.0.1271.51

googlechromeMatch23.0.1271.52

googlechromeMatch23.0.1271.53

googlechromeMatch23.0.1271.54

googlechromeMatch23.0.1271.55

googlechromeMatch23.0.1271.56

googlechromeMatch23.0.1271.57

googlechromeMatch23.0.1271.58

googlechromeMatch23.0.1271.59

googlechromeMatch23.0.1271.60

googlechromeMatch23.0.1271.61

googlechromeMatch23.0.1271.62

googlechromeMatch23.0.1271.64

googlechromeMatch23.0.1271.83

googlechromeMatch23.0.1271.84

googlechromeMatch23.0.1271.85

googlechromeMatch23.0.1271.86

googlechromeMatch23.0.1271.87

googlechromeMatch23.0.1271.88

googlechromeMatch23.0.1271.89

googlechromeMatch23.0.1271.91

googlechromeMatch23.0.1271.92

googlechromeMatch23.0.1271.93

googlechromeMatch23.0.1271.94

googlechromeMatch23.0.1271.95

CPENameOperatorVersion
opensuse:opensuseopensuseeq12.1
opensuse:opensuseopensuseeq12.2

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	12.1
opensuse:opensuse	opensuse	eq	12.2

References

googlechromereleases.blogspot.com/2012/12/stable-channel-update.html

lists.opensuse.org/opensuse-updates/2012-12/msg00073.html

code.google.com/p/chromium/issues/detail?id=160456

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15428

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.5%

JSON

Related for CVE-2012-5141

ubuntucve1 nvd1 debiancve1 cvelist1 prion1 threatpost1 openvas7 nessus6 freebsd1 chrome1 gentoo1