CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
88.4%
Versions of Google Chrome earlier than 23.0.1271.64 are potentially affected by the following vulnerabilities :
Use-after-free errors exist related to SVG filter handling, video layout, extension tab handling and plug-in placeholder handling. (CVE-2012-5116, CVE-2012-5121, CVE-2012-5125, CVE-2012-5126)
An error exists related to inappropriate SVG subresource loading in the ‘img’ context. (CVE-2012-5117)
A race condition exists related to ‘Pepper’ buffer handling. (CVE-2012-5119)
A bad cast error exists related to input handling. (CVE-2012-5122)
Out-of-bounds reads exist related to Skia. (CVE-2012-5123)
A memory corruption error exists related to texture handling. (CVE-2012-5124)
An integer overflow error exists related to ‘WebP’ handling. This error can lead to out-of-bounds reads. (CVE-2012-5127)
An improper write error exists related to the ‘v8’ JavaScript engine. (CVE-2012-5128)
Successful exploitation of any of these issues could lead to an application crash or even allow arbitrary code execution, subject to the user’s privileges.
Binary data 800919.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5123
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5128
www.nessus.org/u?90289ffe