// For flags

CVE-2012-2899

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.

Google Chrome anteriores a 21.0.1180.82 en iOS hacen determinadas llamadas incorrectas a métodos WebView que invocan el uso de una URL applewebdata:, lo cual permite a atacantes remotos sortear el la Same Origin Policy y efectuar ataques Universal XSS (UXSS) a través de vectores que incluyen el método document.write.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-05-19 CVE Reserved
  • 2014-01-05 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-11-25 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
<= 21.0.1180.81
Search vendor "Google" for product "Chrome" and version " <= 21.0.1180.81"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.0
Search vendor "Google" for product "Chrome" and version "21.0.1180.0"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.1
Search vendor "Google" for product "Chrome" and version "21.0.1180.1"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.2
Search vendor "Google" for product "Chrome" and version "21.0.1180.2"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.31
Search vendor "Google" for product "Chrome" and version "21.0.1180.31"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.32
Search vendor "Google" for product "Chrome" and version "21.0.1180.32"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.33
Search vendor "Google" for product "Chrome" and version "21.0.1180.33"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.34
Search vendor "Google" for product "Chrome" and version "21.0.1180.34"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.35
Search vendor "Google" for product "Chrome" and version "21.0.1180.35"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.36
Search vendor "Google" for product "Chrome" and version "21.0.1180.36"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.37
Search vendor "Google" for product "Chrome" and version "21.0.1180.37"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.38
Search vendor "Google" for product "Chrome" and version "21.0.1180.38"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.39
Search vendor "Google" for product "Chrome" and version "21.0.1180.39"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.41
Search vendor "Google" for product "Chrome" and version "21.0.1180.41"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.46
Search vendor "Google" for product "Chrome" and version "21.0.1180.46"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.47
Search vendor "Google" for product "Chrome" and version "21.0.1180.47"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.48
Search vendor "Google" for product "Chrome" and version "21.0.1180.48"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.49
Search vendor "Google" for product "Chrome" and version "21.0.1180.49"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.50
Search vendor "Google" for product "Chrome" and version "21.0.1180.50"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.51
Search vendor "Google" for product "Chrome" and version "21.0.1180.51"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.52
Search vendor "Google" for product "Chrome" and version "21.0.1180.52"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.53
Search vendor "Google" for product "Chrome" and version "21.0.1180.53"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.54
Search vendor "Google" for product "Chrome" and version "21.0.1180.54"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.55
Search vendor "Google" for product "Chrome" and version "21.0.1180.55"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.56
Search vendor "Google" for product "Chrome" and version "21.0.1180.56"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.57
Search vendor "Google" for product "Chrome" and version "21.0.1180.57"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.59
Search vendor "Google" for product "Chrome" and version "21.0.1180.59"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.60
Search vendor "Google" for product "Chrome" and version "21.0.1180.60"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.61
Search vendor "Google" for product "Chrome" and version "21.0.1180.61"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.62
Search vendor "Google" for product "Chrome" and version "21.0.1180.62"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.63
Search vendor "Google" for product "Chrome" and version "21.0.1180.63"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.64
Search vendor "Google" for product "Chrome" and version "21.0.1180.64"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.68
Search vendor "Google" for product "Chrome" and version "21.0.1180.68"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.69
Search vendor "Google" for product "Chrome" and version "21.0.1180.69"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.70
Search vendor "Google" for product "Chrome" and version "21.0.1180.70"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.71
Search vendor "Google" for product "Chrome" and version "21.0.1180.71"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.72
Search vendor "Google" for product "Chrome" and version "21.0.1180.72"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.73
Search vendor "Google" for product "Chrome" and version "21.0.1180.73"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.74
Search vendor "Google" for product "Chrome" and version "21.0.1180.74"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.75
Search vendor "Google" for product "Chrome" and version "21.0.1180.75"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.76
Search vendor "Google" for product "Chrome" and version "21.0.1180.76"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.77
Search vendor "Google" for product "Chrome" and version "21.0.1180.77"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.78
Search vendor "Google" for product "Chrome" and version "21.0.1180.78"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.79
Search vendor "Google" for product "Chrome" and version "21.0.1180.79"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
21.0.1180.80
Search vendor "Google" for product "Chrome" and version "21.0.1180.80"
-
Affected
in Apple
Search vendor "Apple"
Ipad2
Search vendor "Apple" for product "Ipad2"
--
Safe