Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-4909Sensitive Information Exposure in Google Chrome

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
4.6%
top 10.67%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Google Chrome
Timeline
PublishedSep 13
Latest updateMay 17

Description

Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome18.0.1025306

🔴Vulnerability Details

1
GHSA
GHSA-wqph-mpgr-9mhr: Google Chrome before 182022-05-17

💥Exploits & PoCs

1
Exploit-DB
Google Chrome for Android - Local Application Handling Cookie Theft2012-09-12
CVE-2012-4909 — Sensitive Information Exposure | cvebase