CVE-2012-2807

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://code.google.com/p/chromium/issues/detail?id=129930
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html	Vendor Advisory
https://hermes.opensuse.org/messages/15075728
http://www.debian.org/security/2012/dsa-2521
https://hermes.opensuse.org/messages/15375990
http://www.ubuntu.com/usn/USN-1587-1
http://www.securityfocus.com/bid/54718
http://secunia.com/advisories/50800
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
http://secunia.com/advisories/50658
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
http://support.apple.com/kb/HT5934
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
http://secunia.com/advisories/54886	Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
http://secunia.com/advisories/55568
http://support.apple.com/kb/HT6001

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:google:chrome:20.0.1132.16:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.17:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.9:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.21:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.0:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.29:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.28:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.40:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.18:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.19:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.15:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.14:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.26:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.2:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.11:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.3:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.25:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.24:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.32:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.8:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.7:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.5:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.27:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.1:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.35:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.20:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.33:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.10:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.36:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.12:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.13:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.6:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.34:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.37:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.22:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.30:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.41:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.38:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.31:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.4:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:20.0.1132.23:::::::*
	cpe:2.3:a:google:chrome:20.0.1132.39:::::::*

cpe:2.3:o:linux:linux_kernel:*:*:64-bit:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:apple:iphone_os:1.0.0:::::::*
	cpe:2.3:o:apple:iphone_os:1.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.5:::::::*
	cpe:2.3:o:apple:iphone_os:2.0:::::::*
	cpe:2.3:o:apple:iphone_os:2.0.0:::::::*
	cpe:2.3:o:apple:iphone_os:3.0:::::::*
	cpe:2.3:o:apple:iphone_os:3.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:4.0:::::::*
	cpe:2.3:o:apple:iphone_os:4.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:4.3.2:::::::*
	cpe:2.3:o:apple:iphone_os:4.3.3:::::::*
	cpe:2.3:o:apple:iphone_os:3.2:::::::*
	cpe:2.3:o:apple:iphone_os:3.1.3:::::::*
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os:2.2:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.1:::::::*
	cpe:2.3:o:apple:iphone_os:6.1.3:::::::*
	cpe:2.3:o:apple:iphone_os:5.1:::::::*
	cpe:2.3:o:apple:iphone_os:4.2.8:::::::*
	cpe:2.3:o:apple:iphone_os:6.0.2:::::::*
	cpe:2.3:o:apple:iphone_os:4.2.5:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.2:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.3:::::::*
	cpe:2.3:o:apple:iphone_os:2.1:::::::*
	cpe:2.3:o:apple:iphone_os:4.2.1:::::::*
	cpe:2.3:o:apple:iphone_os:5.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:2.1.1:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.4:::::::*
	cpe:2.3:o:apple:iphone_os:4.3.0:::::::*
	cpe:2.3:o:apple:iphone_os:2.2.1:::::::*
	cpe:2.3:o:apple:iphone_os:3.2.1:::::::*
	cpe:2.3:o:apple:iphone_os:3.2.2:::::::*
	cpe:2.3:o:apple:iphone_os:6.0.1:::::::*
	cpe:2.3:o:apple:iphone_os:6.1.2:::::::*
	cpe:2.3:o:apple:iphone_os:1.0.2:::::::*
	cpe:2.3:o:apple:iphone_os:4.0.2:::::::*
	cpe:2.3:o:apple:iphone_os:4.1:::::::*
	cpe:2.3:o:apple:iphone_os:3.1.2:::::::*
	cpe:2.3:o:apple:iphone_os:4.3.1:::::::*
	cpe:2.3:o:apple:iphone_os:3.1:::::::*
	cpe:2.3:o:apple:iphone_os:1.1.0:::::::*
	cpe:2.3:o:apple:iphone_os:6.0:::::::*
	cpe:2.3:o:apple:iphone_os:4.3.5:::::::*
	cpe:2.3:o:apple:iphone_os:6.1:::::::*
	cpe:2.3:o:apple:iphone_os:5.0:::::::*
	cpe:2.3:o:apple:iphone_os:5.1.1:::::::*
	cpe:2.3:o:apple:iphone_os:2.0.2:::::::*
	cpe:2.3:o:apple:iphone_os:2.0.1:::::::*

Information

Published : 2012-06-27 03:18

Updated : 2014-01-27 20:45

NVD link : CVE-2012-2807

Mitre link : CVE-2012-2807

JSON object : View

CWE

CWE-189

Numeric Errors

Products Affected

apple

iphone_os

google

chrome

linux

linux_kernel

6.8 /10