Vulnerabilities > CVE-2012-5109 - Out-of-bounds Read vulnerability in Google Chrome

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression.

Vulnerable Configurations

Part Description Count
Application
Google
2459

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E6161B65118711E2AFE300262D5ED8EE.NASL
    descriptionGoogle Chrome Releases reports : [138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to Atte Kettunen of OUSPG. [147499] Critical CVE-2012-5108: Race condition in audio device handling. Credit to Atte Kettunen of OUSPG. [148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur Gerkis. [151449] Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to Google Chrome Security Team (Inferno). [151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans).
    last seen2020-06-01
    modified2020-06-02
    plugin id62457
    published2012-10-09
    reporterThis script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62457
    titleFreeBSD : chromium -- multiple vulnerabilities (e6161b65-1187-11e2-afe3-00262d5ed8ee)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2013 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(62457);
      script_version("$Revision: 1.3 $");
      script_cvs_date("$Date: 2013/06/22 00:15:00 $");
    
      script_cve_id("CVE-2012-2900", "CVE-2012-5108", "CVE-2012-5109", "CVE-2012-5110", "CVE-2012-5111");
    
      script_name(english:"FreeBSD : chromium -- multiple vulnerabilities (e6161b65-1187-11e2-afe3-00262d5ed8ee)");
      script_summary(english:"Checks for updated package in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote FreeBSD host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Google Chrome Releases reports :
    
    [138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to
    Atte Kettunen of OUSPG.
    
    [147499] Critical CVE-2012-5108: Race condition in audio device
    handling. Credit to Atte Kettunen of OUSPG.
    
    [148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur
    Gerkis.
    
    [151449] Medium CVE-2012-5110: Out-of-bounds read in compositor.
    Credit to Google Chrome Security Team (Inferno).
    
    [151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for
    Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans)."
      );
      # http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?bdc75d6a"
      );
      # http://www.freebsd.org/ports/portaudit/e6161b65-1187-11e2-afe3-00262d5ed8ee.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?922b85fc"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:chromium");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/10/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"chromium<22.0.1229.92")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyWindows
    NASL idGOOGLE_CHROME_22_0_1229_92.NASL
    descriptionThe version of Google Chrome installed on the remote host is earlier than 22.0.1229.92 and is, therefore, affected by the following vulnerabilities : - An unspecified error exists related to Skia text rendering can cause the application to crash. (CVE-2012-2900) - A race condition exists related to audio device handling. (CVE-2012-5108) - Out-of-bounds read errors exist related to
    last seen2020-06-01
    modified2020-06-02
    plugin id62518
    published2012-10-12
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62518
    titleGoogle Chrome < 22.0.1229.92 Multiple Vulnerabilities

Oval

accepted2013-08-12T04:08:00.357-04:00
classvulnerability
contributors
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionThe International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression.
familywindows
idoval:org.mitre.oval:def:15774
statusaccepted
submitted2012-10-09T10:08:26.230-04:00
titleVulnerability in ICU functionality in Google Chrome before 22.0.1229.92 via vectors related to a regular expression
version42