6.8

CVE-2012-5136

Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version <= 23.0.1271.89
GoogleChrome Version23.0.1271.0
GoogleChrome Version23.0.1271.1
GoogleChrome Version23.0.1271.2
GoogleChrome Version23.0.1271.3
GoogleChrome Version23.0.1271.4
GoogleChrome Version23.0.1271.5
GoogleChrome Version23.0.1271.6
GoogleChrome Version23.0.1271.7
GoogleChrome Version23.0.1271.8
GoogleChrome Version23.0.1271.9
GoogleChrome Version23.0.1271.10
GoogleChrome Version23.0.1271.11
GoogleChrome Version23.0.1271.12
GoogleChrome Version23.0.1271.13
GoogleChrome Version23.0.1271.14
GoogleChrome Version23.0.1271.15
GoogleChrome Version23.0.1271.16
GoogleChrome Version23.0.1271.17
GoogleChrome Version23.0.1271.18
GoogleChrome Version23.0.1271.19
GoogleChrome Version23.0.1271.20
GoogleChrome Version23.0.1271.21
GoogleChrome Version23.0.1271.22
GoogleChrome Version23.0.1271.23
GoogleChrome Version23.0.1271.24
GoogleChrome Version23.0.1271.26
GoogleChrome Version23.0.1271.30
GoogleChrome Version23.0.1271.31
GoogleChrome Version23.0.1271.32
GoogleChrome Version23.0.1271.33
GoogleChrome Version23.0.1271.35
GoogleChrome Version23.0.1271.36
GoogleChrome Version23.0.1271.37
GoogleChrome Version23.0.1271.38
GoogleChrome Version23.0.1271.39
GoogleChrome Version23.0.1271.40
GoogleChrome Version23.0.1271.41
GoogleChrome Version23.0.1271.44
GoogleChrome Version23.0.1271.45
GoogleChrome Version23.0.1271.46
GoogleChrome Version23.0.1271.49
GoogleChrome Version23.0.1271.50
GoogleChrome Version23.0.1271.51
GoogleChrome Version23.0.1271.52
GoogleChrome Version23.0.1271.53
GoogleChrome Version23.0.1271.54
GoogleChrome Version23.0.1271.55
GoogleChrome Version23.0.1271.56
GoogleChrome Version23.0.1271.57
GoogleChrome Version23.0.1271.58
GoogleChrome Version23.0.1271.59
GoogleChrome Version23.0.1271.60
GoogleChrome Version23.0.1271.61
GoogleChrome Version23.0.1271.62
GoogleChrome Version23.0.1271.64
GoogleChrome Version23.0.1271.83
GoogleChrome Version23.0.1271.84
GoogleChrome Version23.0.1271.85
GoogleChrome Version23.0.1271.86
GoogleChrome Version23.0.1271.87
GoogleChrome Version23.0.1271.88
OpensuseOpensuse Version12.1
OpensuseOpensuse Version12.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.35% 0.677
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html
http://www.securityfocus.com/bid/56684
http://www.securitytracker.com/id?1027815
http://osvdb.org/87885
https://code.google.com/p/chromium/issues/detail?id=159829
https://exchange.xforce.ibmcloud.com/vulnerabilities/80296
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15929