CVE-2012-5127 — Google Chrome vulnerability

CWE-1897 documents6 sources
Severity
7.5HIGHNVD
EPSS
1.3%
top 20.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Webmproject LibwebpGoogle Chrome
Timeline
PublishedNov 7
Latest updateMay 17

Description

Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

â–¶NVDgoogle/chrome23.0.1271.62+53
â–¶Debianwebmproject/libwebp< 0.1.3-3+nmu1+3

🔴Vulnerability Details

3
GHSA
GHSA-pjmj-f9p8-9w2r: Integer overflow in Google Chrome before 23↗2022-05-17
â–¶
OSV
CVE-2012-5127: Integer overflow in Google Chrome before 23↗2012-11-07
â–¶
CVEList
CVE-2012-5127: Integer overflow in Google Chrome before 23↗2012-11-07
â–¶

📋Vendor Advisories

1
Debian
CVE-2012-5127: libwebp - Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to...↗2012
â–¶

💬Community

2
Bugzilla
CVE-2012-5127 libwebp: Integer overflow when processing crafted WebP image↗2012-11-09
â–¶
Bugzilla
CVE-2012-5127 libwebp: Integer overflow when processing crafted WebP image [fedora-all]↗2012-11-09
â–¶
CVE-2012-5127 — Google Chrome vulnerability | cvebase