Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2848

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-2848
Last Modified 13 Aug 2012 11:37:59
Published 06 Aug 2012 11:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2848

Summary

The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site.

Vulnerable Systems

Application

  • Google Chrome 21.0.1180.0

  • Google Chrome 21.0.1180.1

  • Google Chrome 21.0.1180.2

  • Google Chrome 21.0.1180.31

  • Google Chrome 21.0.1180.32

  • Google Chrome 21.0.1180.33

  • Google Chrome 21.0.1180.34

  • Google Chrome 21.0.1180.35

  • Google Chrome 21.0.1180.36

  • Google Chrome 21.0.1180.37

  • Google Chrome 21.0.1180.38

  • Google Chrome 21.0.1180.39

  • Google Chrome 21.0.1180.41

  • Google Chrome 21.0.1180.46

  • Google Chrome 21.0.1180.47

  • Google Chrome 21.0.1180.48

  • Google Chrome 21.0.1180.49

  • Google Chrome 21.0.1180.50

  • Google Chrome 21.0.1180.51

  • Google Chrome 21.0.1180.52

  • Google Chrome 21.0.1180.53

  • Google Chrome 21.0.1180.54

  • Google Chrome 21.0.1180.55

  • Google Chrome 21.0.1180.56

  • Google Chrome 21.0.1180.57

  • Google Chrome 21.0.1180.59


References

CONFIRM - http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html

CONFIRM - http://code.google.com/p/chromium/issues/detail?id=127525


Last Updated: 27 May 2016 10:55:02