CVSS: 6.8EPSS: 1%CPEs: 55EXPL: 0CVE-2012-2882
https://notcve.org/view.php?id=CVE-2012-2882
FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue. FFmpeg usado en Google Chrome anterior a v22.0.1229.79 no maneja adecuadamente los contenedores OGG, lo que permite a atacantes remotos provocar una denegación de servicio u otro tipo de impacto a través de vectores desconocidos relativos al tema "wild pointer". • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html https://chromiumcodereview.appspot.com/10829204 https://code.google.com/p/chromium/issues/detail?id=140647 https://exchange.xforce.ibmcloud.com/vulnerabilities/78839 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15688 https://src.chromium.org/viewvc/chrome?view=rev&revision=150239 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 55EXPL: 0CVE-2012-2887
https://notcve.org/view.php?id=CVE-2012-2887
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events. Vulnerabilidad de uso de memoria después de su liberación en Google Chrome anterior a 22.0.1229.79, permite a atacantes remotos provocar una denegación de servicio u otro tipo de impacto a través de vectores relativos a los eventos "onclick". • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html https://code.google.com/p/chromium/issues/detail?id=143609 https://exchange.xforce.ibmcloud.com/vulnerabilities/78828 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15797 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2896
https://notcve.org/view.php?id=CVE-2012-2896
Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de desbordamiento de entero en la implementación WebGL en Google Chrome antes de v22.0.1229.79 en Mac OS X, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html https://code.google.com/p/chromium/issues/detail?id=145544 https://exchange.xforce.ibmcloud.com/vulnerabilities/78831 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2012-4907 – Chrome For Android API Exposure
https://notcve.org/view.php?id=CVE-2012-4907
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. Google Chrome antes de v18.0.1025308 en Android no restringe correctamente acceso desde el código JavaScript a Android API, lo que permite a atacantes remotos tener un impacto no especificado a través de una página web maliciosa. By abusing Java objects exposed to JavaScript, malicious web pages can execute arbitrary commands on Chrome for Android, if the accessibility setting of the device is enabled. Version 18.0.1025308 was released to address this vulnerability. • http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html https://code.google.com/p/chromium/issues/detail?id=137532 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2012-4906 – Google Chrome for Android - Multiple 'file::' URL Handler Local Downloaded Content Disclosure Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-4906
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903. Google Chrome antes de v18.0.1025308 en Android no restringe correctamente acceso al archivo: URL, que permite a atacantes remotos obtener información sensible a través de vectores no especificados, como se ha demostrado mediante la obtención de datos de credenciales, una vulnerabilidad diferente a CVE-2012-4903. Chrome for Android suffers from an issue where a malicious application has the ability to steal private information. Version 18.0.1025308 was released to address this vulnerability. • https://www.exploit-db.com/exploits/37793 http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html https://code.google.com/p/chromium/issues/detail?id=144820 • CWE-264: Permissions, Privileges, and Access Controls •