Vulnerability Details : CVE-2012-5142
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Vulnerability category: Execute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-5142
Probability of exploitation activity in the next 30 days: 0.91%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-5142
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2012-5142
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5142
-
https://code.google.com/p/chromium/issues/detail?id=160803
160803 - Security: ugly crash with history.replaceState() while the window displays HTTPS interstitial - chromium - MonorailPatch;Issue Tracking
-
http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html
openSUSE-SU-2012:1682-1: moderate: update for chromiumThird Party Advisory
-
http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16173
Repository / Oval Repository
Products affected by CVE-2012-5142
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.83:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.84:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.86:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.87:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.62:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.91:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.92:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.93:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.94:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:23.0.1271.95:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*