Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-2764 — Google Chrome vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.5%

top 35.78%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Google Chrome

Timeline

PublishedJun 27

Latest updateMay 17

Description

Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDgoogle/chrome20.0.1132.42+42

🔴Vulnerability Details

GHSA

GHSA-ph7x-vvfh-m5cm: Untrusted search path vulnerability in Google Chrome before 20↗2022-05-17

▶

💥Exploits & PoCs

Exploit-DB

Google Chrome 19.0.1084.52 - 'metro_driver.dll' DLL Loading Arbitrary Code Execution↗2012-06-26

▶