Vulnerability Details : CVE-2012-5155
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.
Products affected by CVE-2012-5155
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1293.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1294.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1287.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1288.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1308.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1303.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1290.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1290.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1272.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1273.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1274.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1283.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1284.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1278.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1281.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1291.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1292.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1286.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1287.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1304.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1302.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1300.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1299.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1275.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1301.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1285.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1284.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1281.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1280.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1311.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1311.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1305.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1305.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1295.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1296.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1288.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1289.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1301.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1309.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1292.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1291.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1277.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1272.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1285.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1284.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1281.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1279.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1307.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1310.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1305.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1305.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1306.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1307.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1297.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1298.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1289.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1290.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1304.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1301.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1298.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1296.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1276.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1276.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1285.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1286.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1281.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1282.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1312.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1305.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:24.0.1306.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-5155
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-5155
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-5155
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5155
-
https://code.google.com/p/chromium/issues/detail?id=163208
163208 - Security: Workers don't initialize a sandbox on Mac - chromium - Monorail
-
http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
Jump to