CVE-2012-1521

Description

Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://code.google.com/p/chromium/issues/detail?id=117110
• http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
• http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
• http://osvdb.org/81644
• http://secunia.com/advisories/48992
• http://security.gentoo.org/glsa/glsa-201205-01.xml
• http://support.apple.com/kb/HT5400
• http://support.apple.com/kb/HT5485
• http://support.apple.com/kb/HT5503
• http://www.securityfocus.com/bid/53309
• http://www.securitytracker.com/id?1027001
• https://exchange.xforce.ibmcloud.com/vulnerabilities/75270
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15397
• http://code.google.com/p/chromium/issues/detail?id=117110
• http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
• http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
• http://osvdb.org/81644
• http://secunia.com/advisories/48992
• http://security.gentoo.org/glsa/glsa-201205-01.xml
• http://support.apple.com/kb/HT5400
• http://support.apple.com/kb/HT5485

CWEs

CWE-416