Lucene search

[email protected]NVD:CVE-2012-5138

HistoryDec 04, 2012 - 6:05 a.m.

CVE-2012-5138

2012-12-0406:05:55

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.

Affected configurations

NVD

Node

googlechromeRange≤23.0.1271.94

googlechromeMatch23.0.1271.0

googlechromeMatch23.0.1271.1

googlechromeMatch23.0.1271.2

googlechromeMatch23.0.1271.3

googlechromeMatch23.0.1271.4

googlechromeMatch23.0.1271.5

googlechromeMatch23.0.1271.6

googlechromeMatch23.0.1271.7

googlechromeMatch23.0.1271.8

googlechromeMatch23.0.1271.9

googlechromeMatch23.0.1271.10

googlechromeMatch23.0.1271.11

googlechromeMatch23.0.1271.12

googlechromeMatch23.0.1271.13

googlechromeMatch23.0.1271.14

googlechromeMatch23.0.1271.15

googlechromeMatch23.0.1271.16

googlechromeMatch23.0.1271.17

googlechromeMatch23.0.1271.18

googlechromeMatch23.0.1271.19

googlechromeMatch23.0.1271.20

googlechromeMatch23.0.1271.21

googlechromeMatch23.0.1271.22

googlechromeMatch23.0.1271.23

googlechromeMatch23.0.1271.24

googlechromeMatch23.0.1271.26

googlechromeMatch23.0.1271.30

googlechromeMatch23.0.1271.31

googlechromeMatch23.0.1271.32

googlechromeMatch23.0.1271.33

googlechromeMatch23.0.1271.35

googlechromeMatch23.0.1271.36

googlechromeMatch23.0.1271.37

googlechromeMatch23.0.1271.38

googlechromeMatch23.0.1271.39

googlechromeMatch23.0.1271.40

googlechromeMatch23.0.1271.41

googlechromeMatch23.0.1271.44

googlechromeMatch23.0.1271.45

googlechromeMatch23.0.1271.46

googlechromeMatch23.0.1271.49

googlechromeMatch23.0.1271.50

googlechromeMatch23.0.1271.51

googlechromeMatch23.0.1271.52

googlechromeMatch23.0.1271.53

googlechromeMatch23.0.1271.54

googlechromeMatch23.0.1271.55

googlechromeMatch23.0.1271.56

googlechromeMatch23.0.1271.57

googlechromeMatch23.0.1271.58

googlechromeMatch23.0.1271.59

googlechromeMatch23.0.1271.60

googlechromeMatch23.0.1271.61

googlechromeMatch23.0.1271.62

googlechromeMatch23.0.1271.64

googlechromeMatch23.0.1271.83

googlechromeMatch23.0.1271.84

googlechromeMatch23.0.1271.85

googlechromeMatch23.0.1271.86

googlechromeMatch23.0.1271.87

googlechromeMatch23.0.1271.88

googlechromeMatch23.0.1271.89

googlechromeMatch23.0.1271.91

googlechromeMatch23.0.1271.92

googlechromeMatch23.0.1271.93

Node

opensuseopensuseMatch12.1

opensuseopensuseMatch12.2

References

googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html

lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html

secunia.com/advisories/51447

www.securityfocus.com/bid/56741

code.google.com/p/chromium/issues/detail?id=161564

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15638

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

Related for NVD:CVE-2012-5138

ubuntucve1 cve1 debiancve1 prion1 cvelist1 openvas13 nessus6 chrome1 freebsd1 threatpost1 suse1 gentoo1