Vulnerability Details : CVE-2012-5137
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-5137
Probability of exploitation activity in the next 30 days: 0.96%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-5137
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2012-5137
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5137
-
https://code.google.com/p/chromium/issues/detail?id=162835
162835 - Heap-use-after-free in WebCore::MediaPlayer::sourceSetTimestampOffset [exploitable] - chromium - MonorailPatch;Issue Tracking
-
http://www.securityfocus.com/bid/56741
Google Chrome Prior to 23.0.1271.95 Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
http://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html
[security-announce] openSUSE-SU-2012:1637-1: important: Chromium to 25.0Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15819
Repository / Oval Repository
Products affected by CVE-2012-5137
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.83:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.84:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.86:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.87:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.62:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.91:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.92:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.93:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*