CVE-2012-5142Code Injection in Google Chrome

CWE-94Code Injection2 documents2 sources
Severity
10.0CRITICALNVD
EPSS
5.6%
top 9.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeOpensuse
Timeline
PublishedDec 12
Latest updateMay 14

Description

Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDgoogle/chrome23.0.1271.96+67
NVDopensuse/opensuse12.1, 12.2+1

🔴Vulnerability Details

1
GHSA
GHSA-mp55-9rjm-mhg4: Google Chrome before 232022-05-14
CVE-2012-5142 — Code Injection in Google Chrome | cvebase