Lucene search

[email protected]NVD:CVE-2012-2882

HistorySep 26, 2012 - 10:56 a.m.

CVE-2012-2882

2012-09-2610:56:04

CWE-20

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.5 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

JSON

FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a “wild pointer” issue.

Affected configurations

NVD

Node

googlechromeRange≤22.0.1229.78

googlechromeMatch22.0.1229.0

googlechromeMatch22.0.1229.1

googlechromeMatch22.0.1229.2

googlechromeMatch22.0.1229.3

googlechromeMatch22.0.1229.4

googlechromeMatch22.0.1229.6

googlechromeMatch22.0.1229.7

googlechromeMatch22.0.1229.8

googlechromeMatch22.0.1229.9

googlechromeMatch22.0.1229.10

googlechromeMatch22.0.1229.11

googlechromeMatch22.0.1229.12

googlechromeMatch22.0.1229.14

googlechromeMatch22.0.1229.16

googlechromeMatch22.0.1229.17

googlechromeMatch22.0.1229.18

googlechromeMatch22.0.1229.20

googlechromeMatch22.0.1229.21

googlechromeMatch22.0.1229.22

googlechromeMatch22.0.1229.23

googlechromeMatch22.0.1229.24

googlechromeMatch22.0.1229.25

googlechromeMatch22.0.1229.26

googlechromeMatch22.0.1229.27

googlechromeMatch22.0.1229.28

googlechromeMatch22.0.1229.29

googlechromeMatch22.0.1229.31

googlechromeMatch22.0.1229.32

googlechromeMatch22.0.1229.33

googlechromeMatch22.0.1229.35

googlechromeMatch22.0.1229.36

googlechromeMatch22.0.1229.37

googlechromeMatch22.0.1229.39

googlechromeMatch22.0.1229.48

googlechromeMatch22.0.1229.49

googlechromeMatch22.0.1229.50

googlechromeMatch22.0.1229.51

googlechromeMatch22.0.1229.52

googlechromeMatch22.0.1229.53

googlechromeMatch22.0.1229.54

googlechromeMatch22.0.1229.55

googlechromeMatch22.0.1229.56

googlechromeMatch22.0.1229.57

googlechromeMatch22.0.1229.58

googlechromeMatch22.0.1229.59

googlechromeMatch22.0.1229.60

googlechromeMatch22.0.1229.62

googlechromeMatch22.0.1229.63

googlechromeMatch22.0.1229.64

googlechromeMatch22.0.1229.65

googlechromeMatch22.0.1229.67

googlechromeMatch22.0.1229.76

Node

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

References

googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html

lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html

chromiumcodereview.appspot.com/10829204

code.google.com/p/chromium/issues/detail?id=140647

exchange.xforce.ibmcloud.com/vulnerabilities/78839

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15688

src.chromium.org/viewvc/chrome?view=rev&revision=150239

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.5 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for NVD:CVE-2012-2882

prion1 cve1 ubuntucve1 debiancve1 cvelist1 suse1 openvas12 nessus6 freebsd1 threatpost1 chrome1 gentoo1