CVE-2012-5136

EPSS 1.25%
Veröffentlicht 28.11.2012 01:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle chrome-cve-admin@google.com
CVE-Watchlists
Login
Unerledigt
Login

Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Google ≫ Chrome Version <= 23.0.1271.89

Google ≫ Chrome Version23.0.1271.0

Google ≫ Chrome Version23.0.1271.1

Google ≫ Chrome Version23.0.1271.2

Google ≫ Chrome Version23.0.1271.3

Google ≫ Chrome Version23.0.1271.4

Google ≫ Chrome Version23.0.1271.5

Google ≫ Chrome Version23.0.1271.6

Google ≫ Chrome Version23.0.1271.7

Google ≫ Chrome Version23.0.1271.8

Google ≫ Chrome Version23.0.1271.9

Google ≫ Chrome Version23.0.1271.10

Google ≫ Chrome Version23.0.1271.11

Google ≫ Chrome Version23.0.1271.12

Google ≫ Chrome Version23.0.1271.13

Google ≫ Chrome Version23.0.1271.14

Google ≫ Chrome Version23.0.1271.15

Google ≫ Chrome Version23.0.1271.16

Google ≫ Chrome Version23.0.1271.17

Google ≫ Chrome Version23.0.1271.18

Google ≫ Chrome Version23.0.1271.19

Google ≫ Chrome Version23.0.1271.20

Google ≫ Chrome Version23.0.1271.21

Google ≫ Chrome Version23.0.1271.22

Google ≫ Chrome Version23.0.1271.23

Google ≫ Chrome Version23.0.1271.24

Google ≫ Chrome Version23.0.1271.26

Google ≫ Chrome Version23.0.1271.30

Google ≫ Chrome Version23.0.1271.31

Google ≫ Chrome Version23.0.1271.32

Google ≫ Chrome Version23.0.1271.33

Google ≫ Chrome Version23.0.1271.35

Google ≫ Chrome Version23.0.1271.36

Google ≫ Chrome Version23.0.1271.37

Google ≫ Chrome Version23.0.1271.38

Google ≫ Chrome Version23.0.1271.39

Google ≫ Chrome Version23.0.1271.40

Google ≫ Chrome Version23.0.1271.41

Google ≫ Chrome Version23.0.1271.44

Google ≫ Chrome Version23.0.1271.45

Google ≫ Chrome Version23.0.1271.46

Google ≫ Chrome Version23.0.1271.49

Google ≫ Chrome Version23.0.1271.50

Google ≫ Chrome Version23.0.1271.51

Google ≫ Chrome Version23.0.1271.52

Google ≫ Chrome Version23.0.1271.53

Google ≫ Chrome Version23.0.1271.54

Google ≫ Chrome Version23.0.1271.55

Google ≫ Chrome Version23.0.1271.56

Google ≫ Chrome Version23.0.1271.57

Google ≫ Chrome Version23.0.1271.58

Google ≫ Chrome Version23.0.1271.59

Google ≫ Chrome Version23.0.1271.60

Google ≫ Chrome Version23.0.1271.61

Google ≫ Chrome Version23.0.1271.62

Google ≫ Chrome Version23.0.1271.64

Google ≫ Chrome Version23.0.1271.83

Google ≫ Chrome Version23.0.1271.84

Google ≫ Chrome Version23.0.1271.85

Google ≫ Chrome Version23.0.1271.86

Google ≫ Chrome Version23.0.1271.87

Google ≫ Chrome Version23.0.1271.88

Opensuse ≫ Opensuse Version12.1

Opensuse ≫ Opensuse Version12.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.25%	0.774

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html

http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html

http://www.securityfocus.com/bid/56684

http://www.securitytracker.com/id?1027815

http://osvdb.org/87885

https://code.google.com/p/chromium/issues/detail?id=159829

https://exchange.xforce.ibmcloud.com/vulnerabilities/80296

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15929

https://nvd.nist.gov/vuln/detail/CVE-2012-5136

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-5136

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-5136

EUVD