Google : Security Vulnerabilities, CVEs, Published In November 2012 (Overflow)
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
Max CVSS
6.8
EPSS Score
5.21%
Published
2012-11-28
Updated
2017-08-29
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.80%
Published
2012-11-07
Updated
2017-09-19
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
Max CVSS
7.5
EPSS Score
1.03%
Published
2012-11-07
Updated
2017-09-19
Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.20%
Published
2012-11-07
Updated
2017-09-19
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.85%
Published
2012-11-07
Updated
2017-09-19
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.
Max CVSS
7.5
EPSS Score
0.80%
Published
2012-11-07
Updated
2017-08-29
Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes."
Max CVSS
7.5
EPSS Score
0.80%
Published
2012-11-07
Updated
2017-08-29
Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local diagchar_ioctl call.
Max CVSS
6.8
EPSS Score
0.10%
Published
2012-11-30
Updated
2013-10-11
8 vulnerabilities found