CVE-2012-2842 : Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service o

Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.

Published 2012-07-12 21:55:06

Updated 2017-09-19 01:35:00

Source Google Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2012-2842

Probability of exploitation activity in the next 30 days: 2.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-2842

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2012-2842

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-2842

http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html

Apple - Lists.apple.com

CVEs referencing this url
http://code.google.com/p/chromium/issues/detail?id=129898

129898 - Heap-use-after-free in WebCore::CounterNode::lastDescendant - chromium - Monorail
http://support.apple.com/kb/HT5502

About the security content of Safari 6.0.1 - Apple Support

CVEs referencing this url
http://support.apple.com/kb/HT5485

About the security content of iTunes 10.7 - Apple Support

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html

[security-announce] openSUSE-SU-2012:0993-1: important: update for chrom

CVEs referencing this url
http://googlechromereleases.blogspot.com/2012/07/stable-channel-update.html

Chrome Releases: Stable Channel Update
Vendor Advisory

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html

Apple - Lists.apple.com

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15664

Repository / Oval Repository

Products affected by CVE-2012-2842

Google » Chrome
Versions up to, including, (<=) 20.0.1132.56
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.17
cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.6
cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.9
cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.21
cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.0
cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.29
cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.40
cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.39
cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.18
cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.19
cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.14
cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.7
cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.4
cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.22
cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.23
cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.30
cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.31
cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.15
cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.12
cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.13
cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.5
cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.10
cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.24
cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.3
cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.25
cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.26
cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.36
cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.35
cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.32
cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.38
cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.37
cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.41
cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.20
cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.16
cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.11
cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.8
cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.2
cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.1
cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.27
cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.28
cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.34
cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.33
cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.45
cpe:2.3:a:google:chrome:20.0.1132.45:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.46
cpe:2.3:a:google:chrome:20.0.1132.46:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.47
cpe:2.3:a:google:chrome:20.0.1132.47:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.54
cpe:2.3:a:google:chrome:20.0.1132.54:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.55
cpe:2.3:a:google:chrome:20.0.1132.55:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.42
cpe:2.3:a:google:chrome:20.0.1132.42:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 20.0.1132.43
cpe:2.3:a:google:chrome:20.0.1132.43:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-2842

Exploit prediction scoring system (EPSS) score for CVE-2012-2842

CVSS scores for CVE-2012-2842

CWE ids for CVE-2012-2842

References for CVE-2012-2842

Products affected by CVE-2012-2842