Vulnerabilities > CVE-2012-2816 - Unspecified vulnerability in Google Chrome
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN google
nessus
Summary
Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes, which might allow remote attackers to cause a denial of service (process interference) via unspecified vectors.
Vulnerable Configurations
Nessus
NASL family Windows NASL id GOOGLE_CHROME_20_0_1132_43.NASL description The version of Google Chrome installed on the remote host is earlier than 20.0.1132.43 and is, therefore, affected by the following vulnerabilities : - An error exists related to the loading of the last seen 2020-06-01 modified 2020-06-02 plugin id 59735 published 2012-06-27 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59735 title Google Chrome < 20.0.1132.43 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-355.NASL description - Update Chromium to 22.0.1190 - Security Fixes (bnc#769181) : - CVE-2012-2815: Leak of iframe fragment id - CVE-2012-2816: Prevent sandboxed processes interfering with each other - CVE-2012-2817: Use-after-free in table section handling - CVE-2012-2818: Use-after-free in counter layout - CVE-2012-2819: Crash in texture handling - CVE-2012-2820: Out-of-bounds read in SVG filter handling - CVE-2012-2821: Autofill display problem - CVE-2012-2823: Use-after-free in SVG resource handling - CVE-2012-2826: Out-of-bounds read in texture conversion - CVE-2012-2829: Use-after-free in first-letter handling - CVE-2012-2830: Wild pointer in array value setting - CVE-2012-2831: Use-after-free in SVG reference handling - CVE-2012-2834: Integer overflow in Matroska container - CVE-2012-2825: Wild read in XSL handling - CVE-2012-2807: Integer overflows in libxml - Fix update-alternatives within the spec-file - Update v8 to 3.12.5.0 - Fixed Chromium issues: 115100, 129628, 131994, 132727, 132741, 132742, 133211 - Fixed V8 issues: 915, 1914, 2034, 2087, 2094, 2134, 2156, 2166, 2172, 2177, 2179, 2185 - Added --extra-code flag to mksnapshot to load JS code into the VM before creating the snapshot. - Support last seen 2020-06-05 modified 2014-06-13 plugin id 74660 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74660 title openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0813-1)
Oval
accepted | 2013-08-12T04:07:45.163-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
definition_extensions |
| ||||||||||||
description | Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes, which might allow remote attackers to cause a denial of service (process interference) via unspecified vectors. | ||||||||||||
family | windows | ||||||||||||
id | oval:org.mitre.oval:def:15591 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2012-06-27T11:45:52.000-04:00 | ||||||||||||
title | Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes | ||||||||||||
version | 44 |
References
- https://hermes.opensuse.org/messages/15075728
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15591
- http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
- http://code.google.com/p/chromium/issues/detail?id=119250
- http://code.google.com/p/chromium/issues/detail?id=119150