Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5376

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-5376
Last Modified 02 Nov 2013 11:28:15
Published 11 Oct 2012 06:51:57
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5376

Summary

The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112.

Vulnerable Systems

Application

  • Google Chrome 22.0.1229.0

  • Google Chrome 22.0.1229.1

  • Google Chrome 22.0.1229.10

  • Google Chrome 22.0.1229.11

  • Google Chrome 22.0.1229.12

  • Google Chrome 22.0.1229.14

  • Google Chrome 22.0.1229.16

  • Google Chrome 22.0.1229.17

  • Google Chrome 22.0.1229.18

  • Google Chrome 22.0.1229.2

  • Google Chrome 22.0.1229.20

  • Google Chrome 22.0.1229.21

  • Google Chrome 22.0.1229.22

  • Google Chrome 22.0.1229.23

  • Google Chrome 22.0.1229.24

  • Google Chrome 22.0.1229.25

  • Google Chrome 22.0.1229.26

  • Google Chrome 22.0.1229.27

  • Google Chrome 22.0.1229.28

  • Google Chrome 22.0.1229.29

  • Google Chrome 22.0.1229.3

  • Google Chrome 22.0.1229.31

  • Google Chrome 22.0.1229.32

  • Google Chrome 22.0.1229.33

  • Google Chrome 22.0.1229.35

  • Google Chrome 22.0.1229.36

  • Google Chrome 22.0.1229.37

  • Google Chrome 22.0.1229.39

  • Google Chrome 22.0.1229.4

  • Google Chrome 22.0.1229.48

  • Google Chrome 22.0.1229.49

  • Google Chrome 22.0.1229.50

  • Google Chrome 22.0.1229.51

  • Google Chrome 22.0.1229.52

  • Google Chrome 22.0.1229.53

  • Google Chrome 22.0.1229.54

  • Google Chrome 22.0.1229.55

  • Google Chrome 22.0.1229.56

  • Google Chrome 22.0.1229.57

  • Google Chrome 22.0.1229.58

  • Google Chrome 22.0.1229.59

  • Google Chrome 22.0.1229.6

  • Google Chrome 22.0.1229.60

  • Google Chrome 22.0.1229.62

  • Google Chrome 22.0.1229.63

  • Google Chrome 22.0.1229.64

  • Google Chrome 22.0.1229.65

  • Google Chrome 22.0.1229.67

  • Google Chrome 22.0.1229.7

  • Google Chrome 22.0.1229.76

  • Google Chrome 22.0.1229.78

  • Google Chrome 22.0.1229.79

  • Google Chrome 22.0.1229.8

  • Google Chrome 22.0.1229.89

  • Google Chrome 22.0.1229.9

  • Google Chrome 22.0.1229.91

  • Google Chrome 22.0.1229.92


References

CONFIRM - http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_6105.html

CONFIRM - http://code.google.com/p/chromium/issues/detail?id=154987

CONFIRM - http://code.google.com/p/chromium/issues/detail?id=154983

CONFIRM - http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html

XF - google-chrome-ipc-sec-bypass(79186)

OSVDB - 86156

SECUNIA - 50954


Last Updated: 27 May 2016 11:00:58