CVE-2012-5112Improper Privilege Management in Google Chrome

CWE-399CWE-269Improper Privilege Management5 documents3 sources
Severity
10.0CRITICALNVD
NVD9.6
EPSS
4.6%
top 10.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeApple Iphone OS
Timeline
PublishedOct 11
Latest updateMay 17

Description

Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDgoogle/chrome< 22.0.1229.94+57

🔴Vulnerability Details

3
GHSA
GHSA-fqc7-p492-g423: Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 222022-05-17
GHSA
GHSA-pff3-h37v-m32x: The Inter-process Communication (IPC) implementation in Google Chrome before 222022-05-13
OSV
CVE-2012-5112: Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 222012-10-11
CVE-2012-5112 — Improper Privilege Management in Google | cvebase