CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2012

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2001 CVE-2012-2888 399 DoS 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.
2002 CVE-2012-2887 399 DoS 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.
2003 CVE-2012-2886 79 XSS 2012-09-26 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."
2004 CVE-2012-2885 399 DoS 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.
2005 CVE-2012-2884 119 DoS Overflow 2012-09-26 2018-10-30
5.0
None Remote Low Not required None None Partial
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
2006 CVE-2012-2883 119 DoS Overflow 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874.
2007 CVE-2012-2882 20 DoS 2012-09-26 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.
2008 CVE-2012-2881 119 DoS Overflow 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.
2009 CVE-2012-2880 362 DoS 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.
2010 CVE-2012-2879 119 DoS Overflow 2012-09-26 2018-10-30
4.3
None Remote Medium Not required None None Partial
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.
2011 CVE-2012-2878 399 DoS 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
2012 CVE-2012-2877 20 DoS 2012-09-26 2018-10-30
5.0
None Remote Low Not required None None Partial
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
2013 CVE-2012-2876 119 DoS Overflow 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
2014 CVE-2012-2875 2012-09-26 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document.
2015 CVE-2012-2874 119 DoS Overflow 2012-09-26 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.
2016 CVE-2012-2872 79 XSS 2012-08-31 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2017 CVE-2012-2871 DoS 2012-08-31 2017-08-29
6.8
None Remote Medium Not required Partial Partial Partial
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
2018 CVE-2012-2870 399 DoS 2012-08-31 2014-01-28
4.3
None Remote Medium Not required None None Partial
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
2019 CVE-2012-2869 119 DoS Overflow 2012-08-31 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."
2020 CVE-2012-2868 362 DoS 2012-08-31 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.
2021 CVE-2012-2867 DoS 2012-08-31 2018-10-30
5.0
None Remote Low Not required None None Partial
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
2022 CVE-2012-2866 DoS 2012-08-31 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
2023 CVE-2012-2865 119 DoS Overflow 2012-08-31 2018-10-30
4.3
None Remote Medium Not required None None Partial
Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
2024 CVE-2012-2864 119 Exec Code Overflow 2012-08-22 2014-02-12
10.0
None Remote Low Not required Complete Complete Complete
Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."
2025 CVE-2012-2863 119 DoS Overflow 2012-08-09 2017-09-19
7.5
None Remote Low Not required Partial Partial Partial
The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
2026 CVE-2012-2862 399 DoS 2012-08-09 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
2027 CVE-2012-2860 DoS 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
The date-picker implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
2028 CVE-2012-2859 119 DoS Exec Code Overflow 2012-08-06 2012-08-07
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
2029 CVE-2012-2858 119 DoS Overflow 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the WebP decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebP image.
2030 CVE-2012-2857 399 DoS 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
2031 CVE-2012-2856 119 DoS Overflow 2012-08-06 2017-09-19
7.5
None Remote Low Not required Partial Partial Partial
The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
2032 CVE-2012-2855 399 DoS 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
2033 CVE-2012-2854 200 +Info 2012-08-06 2017-09-19
5.0
None Remote Low Not required Partial None None
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process.
2034 CVE-2012-2853 DoS 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
2035 CVE-2012-2852 399 DoS 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted document.
2036 CVE-2012-2851 189 DoS Overflow 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
2037 CVE-2012-2850 2012-08-06 2017-09-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to have an unknown impact via a crafted document.
2038 CVE-2012-2849 189 DoS 2012-08-06 2017-09-19
4.3
None Remote Medium Not required None None Partial
Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
2039 CVE-2012-2848 264 Bypass 2012-08-06 2017-09-19
4.3
None Remote Medium Not required None Partial None
The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site.
2040 CVE-2012-2847 399 DoS 2012-08-06 2017-09-19
4.3
None Remote Medium Not required None None Partial
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site.
2041 CVE-2012-2846 DoS 2012-08-06 2012-08-07
5.0
None Remote Low Not required None None Partial
Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors.
2042 CVE-2012-2845 189 DoS Overflow +Info 2012-07-13 2016-11-28
6.4
None Remote Low Not required Partial None Partial
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
2043 CVE-2012-2844 DoS 2012-07-12 2017-09-19
9.3
None Remote Medium Not required Complete Complete Complete
The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document.
2044 CVE-2012-2843 399 DoS 2012-07-12 2017-09-19
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.
2045 CVE-2012-2842 399 DoS 2012-07-12 2017-09-19
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.
2046 CVE-2012-2841 189 Exec Code Overflow 2012-07-13 2021-01-26
7.5
None Remote Low Not required Partial Partial Partial
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
2047 CVE-2012-2840 189 DoS Exec Code 2012-07-13 2021-01-26
7.5
None Remote Low Not required Partial Partial Partial
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
2048 CVE-2012-2837 189 DoS 2012-07-13 2021-01-26
5.0
None Remote Low Not required None None Partial
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.
2049 CVE-2012-2836 119 DoS Overflow +Info 2012-07-13 2021-01-26
6.4
None Remote Low Not required Partial None Partial
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
2050 CVE-2012-2834 189 DoS Overflow 2012-06-27 2017-09-19
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.
Total number of vulnerabilities : 5297   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 (This Page)42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.