CVE-2012-2891
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.0
Description
The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| chrome | {"endIncluding":"22.0.1229.78"} | | |
| chrome | 22.0.1229.0 | | |
| chrome | 22.0.1229.1 | | |
| chrome | 22.0.1229.2 | | |
| chrome | 22.0.1229.3 | | |
| chrome | 22.0.1229.4 | | |
| chrome | 22.0.1229.6 | | |
| chrome | 22.0.1229.7 | | |
| chrome | 22.0.1229.8 | | |
| chrome | 22.0.1229.9 | | |
| chrome | 22.0.1229.10 | | |
| chrome | 22.0.1229.11 | | |
| chrome | 22.0.1229.12 | | |
| chrome | 22.0.1229.14 | | |
| chrome | 22.0.1229.16 | | |
| chrome | 22.0.1229.17 | | |
| chrome | 22.0.1229.18 | | |
| chrome | 22.0.1229.20 | | |
| chrome | 22.0.1229.21 | | |
| chrome | 22.0.1229.22 | | |
| chrome | 22.0.1229.23 | | |
| chrome | 22.0.1229.24 | | |
| chrome | 22.0.1229.25 | | |
| chrome | 22.0.1229.26 | | |
| chrome | 22.0.1229.27 | | |
| chrome | 22.0.1229.28 | | |
| chrome | 22.0.1229.29 | | |
| chrome | 22.0.1229.31 | | |
| chrome | 22.0.1229.32 | | |
| chrome | 22.0.1229.33 | | |
| chrome | 22.0.1229.35 | | |
| chrome | 22.0.1229.36 | | |
| chrome | 22.0.1229.37 | | |
| chrome | 22.0.1229.39 | | |
| chrome | 22.0.1229.48 | | |
| chrome | 22.0.1229.49 | | |
| chrome | 22.0.1229.50 | | |
| chrome | 22.0.1229.51 | | |
| chrome | 22.0.1229.52 | | |
| chrome | 22.0.1229.53 | | |
| chrome | 22.0.1229.54 | | |
| chrome | 22.0.1229.55 | | |
| chrome | 22.0.1229.56 | | |
| chrome | 22.0.1229.57 | | |
| chrome | 22.0.1229.58 | | |
| chrome | 22.0.1229.59 | | |
| chrome | 22.0.1229.60 | | |
| chrome | 22.0.1229.62 | | |
| chrome | 22.0.1229.63 | | |
| chrome | 22.0.1229.64 | | |
| chrome | 22.0.1229.65 | | |
| chrome | 22.0.1229.67 | | |
| chrome | 22.0.1229.76 | |
References
- http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
- https://code.google.com/p/chromium/issues/detail?id=144051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78842
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15484
- http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
- https://code.google.com/p/chromium/issues/detail?id=144051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78842
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15484
CWEs
CWE-200
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.