CVE-2012-2866

Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html	Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=134897	Patch Issue Tracking
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00030.html	Third Party Advisory
http://osvdb.org/85031
https://exchange.xforce.ibmcloud.com/vulnerabilities/78175
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15609

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
	cpe:2.3:o:opensuse:opensuse:12.1:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:google:chrome:21.0.1180.74:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.81:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.82:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.61:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.63:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.69:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.36:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.1:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.0:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.52:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.53:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.73:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.77:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.46:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.79:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.71:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.78:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.31:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.37:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.49:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.33:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.87:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.57:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.85:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.56:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:21.0.1180.64:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.32:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.70:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.41:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.68:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.86:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.80:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.62:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.76:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.55:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.38:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.2:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.50:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.83:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.60:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.84:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.48:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.51:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.35:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.72:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.39:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.59:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.75:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.47:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.54:::::::*
	cpe:2.3:a:google:chrome:21.0.1180.34:::::::*

Information

Published : 2012-08-31 12:55

Updated : 2018-10-30 09:27

NVD link : CVE-2012-2866

Mitre link : CVE-2012-2866

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

google

chrome

opensuse

opensuse

7.5 /10