[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-5136Date: (C)2012-11-28   (M)2023-12-22


Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1027815
BID-56684
OSVDB-87885
IAVM:2012-B-0114
google-input-element-code-exec(80296)
http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
https://code.google.com/p/chromium/issues/detail?id=159829
openSUSE-SU-2012:1637
oval:org.mitre.oval:def:15929

CPE    64
cpe:/a:google:chrome:23.0.1271.38
cpe:/a:google:chrome:23.0.1271.39
cpe:/a:google:chrome:23.0.1271.36
cpe:/a:google:chrome:23.0.1271.37
...
CWE    1
CWE-20
OVAL    9
oval:org.secpod.oval:def:400451
oval:org.secpod.oval:def:8128
oval:org.secpod.oval:def:8121
oval:org.secpod.oval:def:8122
...

© SecPod Technologies