Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-2815 (GCVE-0-2012-2815)
Vulnerability from cvelistv5 – Published: 2012-06-27 10:00 – Updated: 2024-08-06 19:42
VLAI?
EPSS
Summary
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:32.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0813",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "oval:org.mitre.oval:def:15662",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "APPLE-SA-2012-07-25-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5400"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2012:0813",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "oval:org.mitre.oval:def:15662",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "APPLE-SA-2012-07-25-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5400"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2012-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0813",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "oval:org.mitre.oval:def:15662",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "APPLE-SA-2012-07-25-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT5400",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5400"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=118633",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2012-2815",
"datePublished": "2012-06-27T10:00:00.000Z",
"dateReserved": "2012-05-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:42:32.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTA-2012-AVI-514
Vulnerability from certfr_avis - Published: 2012-09-21 - Updated: 2012-09-21
De multiples vulnérabilités ont été corrigées dans IOS 6. Certaines d'entre elles permettent à un attaquant d'exécuter du code arbitraire à distance au moyen de pages Web spécialement conçues.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Versions antérieures à IOS 6.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 IOS 6.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3048",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3048"
},
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2011-3089",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3089"
},
{
"name": "CVE-2011-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3050"
},
{
"name": "CVE-2012-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3618"
},
{
"name": "CVE-2012-3663",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3663"
},
{
"name": "CVE-2012-3746",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3746"
},
{
"name": "CVE-2012-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3651"
},
{
"name": "CVE-2011-3924",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3924"
},
{
"name": "CVE-2012-3658",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3658"
},
{
"name": "CVE-2012-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3611"
},
{
"name": "CVE-2012-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3598"
},
{
"name": "CVE-2012-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3638"
},
{
"name": "CVE-2012-1521",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1521"
},
{
"name": "CVE-2012-3745",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3745"
},
{
"name": "CVE-2012-3624",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3624"
},
{
"name": "CVE-2012-3664",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3664"
},
{
"name": "CVE-2012-1144",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1144"
},
{
"name": "CVE-2012-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3592"
},
{
"name": "CVE-2012-3741",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3741"
},
{
"name": "CVE-2011-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3068"
},
{
"name": "CVE-2012-3652",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3652"
},
{
"name": "CVE-2012-1127",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1127"
},
{
"name": "CVE-2012-1129",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1129"
},
{
"name": "CVE-2012-3674",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3674"
},
{
"name": "CVE-2011-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3090"
},
{
"name": "CVE-2012-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3641"
},
{
"name": "CVE-2012-3696",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3696"
},
{
"name": "CVE-2012-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3626"
},
{
"name": "CVE-2011-3069",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3069"
},
{
"name": "CVE-2012-1143",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1143"
},
{
"name": "CVE-2012-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3637"
},
{
"name": "CVE-2012-3680",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3680"
},
{
"name": "CVE-2012-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3636"
},
{
"name": "CVE-2012-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3615"
},
{
"name": "CVE-2012-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3730"
},
{
"name": "CVE-2012-1131",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1131"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-3744",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3744"
},
{
"name": "CVE-2012-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3610"
},
{
"name": "CVE-2012-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3653"
},
{
"name": "CVE-2011-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3032"
},
{
"name": "CVE-2012-3667",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3667"
},
{
"name": "CVE-2012-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3608"
},
{
"name": "CVE-2012-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3617"
},
{
"name": "CVE-2012-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3645"
},
{
"name": "CVE-2011-3064",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3064"
},
{
"name": "CVE-2012-1132",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1132"
},
{
"name": "CVE-2011-3021",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3021"
},
{
"name": "CVE-2012-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3738"
},
{
"name": "CVE-2012-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3640"
},
{
"name": "CVE-2012-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3733"
},
{
"name": "CVE-2011-3040",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3040"
},
{
"name": "CVE-2012-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3676"
},
{
"name": "CVE-2012-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3605"
},
{
"name": "CVE-2011-3016",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3016"
},
{
"name": "CVE-2011-3969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3969"
},
{
"name": "CVE-2012-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3732"
},
{
"name": "CVE-2012-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3604"
},
{
"name": "CVE-2012-3686",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3686"
},
{
"name": "CVE-2012-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3635"
},
{
"name": "CVE-2012-3666",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3666"
},
{
"name": "CVE-2012-3740",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3740"
},
{
"name": "CVE-2011-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
},
{
"name": "CVE-2012-1520",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1520"
},
{
"name": "CVE-2012-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3596"
},
{
"name": "CVE-2012-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3627"
},
{
"name": "CVE-2011-3966",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3966"
},
{
"name": "CVE-2012-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3602"
},
{
"name": "CVE-2011-3328",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3328"
},
{
"name": "CVE-2012-1130",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1130"
},
{
"name": "CVE-2011-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3034"
},
{
"name": "CVE-2012-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3597"
},
{
"name": "CVE-2012-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3614"
},
{
"name": "CVE-2011-3043",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3043"
},
{
"name": "CVE-2011-2845",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2845"
},
{
"name": "CVE-2011-3027",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3027"
},
{
"name": "CVE-2012-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3731"
},
{
"name": "CVE-2011-3926",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3926"
},
{
"name": "CVE-2011-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
},
{
"name": "CVE-2012-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3650"
},
{
"name": "CVE-2012-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3669"
},
{
"name": "CVE-2012-3661",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3661"
},
{
"name": "CVE-2011-3060",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3060"
},
{
"name": "CVE-2011-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3105"
},
{
"name": "CVE-2011-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3968"
},
{
"name": "CVE-2012-0683",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0683"
},
{
"name": "CVE-2012-3729",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3729"
},
{
"name": "CVE-2011-3053",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3053"
},
{
"name": "CVE-2011-3039",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3039"
},
{
"name": "CVE-2012-3734",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3734"
},
{
"name": "CVE-2011-2821",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2821"
},
{
"name": "CVE-2012-3589",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3589"
},
{
"name": "CVE-2012-3647",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3647"
},
{
"name": "CVE-2012-1128",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1128"
},
{
"name": "CVE-2012-3691",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3691"
},
{
"name": "CVE-2012-3684",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3684"
},
{
"name": "CVE-2012-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3634"
},
{
"name": "CVE-2012-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3677"
},
{
"name": "CVE-2012-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3646"
},
{
"name": "CVE-2011-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3073"
},
{
"name": "CVE-2012-3724",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3724"
},
{
"name": "CVE-2011-3971",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3971"
},
{
"name": "CVE-2011-3076",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3076"
},
{
"name": "CVE-2012-3671",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3671"
},
{
"name": "CVE-2012-1133",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1133"
},
{
"name": "CVE-2012-3603",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3603"
},
{
"name": "CVE-2012-3695",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3695"
},
{
"name": "CVE-2012-1136",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1136"
},
{
"name": "CVE-2012-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3739"
},
{
"name": "CVE-2012-1134",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1134"
},
{
"name": "CVE-2012-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1126"
},
{
"name": "CVE-2011-3042",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3042"
},
{
"name": "CVE-2012-3655",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3655"
},
{
"name": "CVE-2012-1137",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1137"
},
{
"name": "CVE-2011-3059",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3059"
},
{
"name": "CVE-2011-3036",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3036"
},
{
"name": "CVE-2012-3722",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3722"
},
{
"name": "CVE-2012-3673",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3673"
},
{
"name": "CVE-2012-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3613"
},
{
"name": "CVE-2012-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0682"
},
{
"name": "CVE-2011-3041",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3041"
},
{
"name": "CVE-2011-3958",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3958"
},
{
"name": "CVE-2012-3590",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3590"
},
{
"name": "CVE-2012-3593",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3593"
},
{
"name": "CVE-2011-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3035"
},
{
"name": "CVE-2012-3725",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3725"
},
{
"name": "CVE-2012-3678",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3678"
},
{
"name": "CVE-2012-1140",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1140"
},
{
"name": "CVE-2012-1139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1139"
},
{
"name": "CVE-2011-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3074"
},
{
"name": "CVE-2012-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3659"
},
{
"name": "CVE-2012-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2815"
},
{
"name": "CVE-2012-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3594"
},
{
"name": "CVE-2011-3913",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3913"
},
{
"name": "CVE-2012-3743",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3743"
},
{
"name": "CVE-2012-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3644"
},
{
"name": "CVE-2012-3726",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3726"
},
{
"name": "CVE-2012-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3633"
},
{
"name": "CVE-2012-3728",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3728"
},
{
"name": "CVE-2011-3026",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3026"
},
{
"name": "CVE-2012-3708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3708"
},
{
"name": "CVE-2012-3747",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3747"
},
{
"name": "CVE-2012-3742",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3742"
},
{
"name": "CVE-2012-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3642"
},
{
"name": "CVE-2012-3591",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3591"
},
{
"name": "CVE-2011-3075",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3075"
},
{
"name": "CVE-2011-3081",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3081"
},
{
"name": "CVE-2011-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3071"
},
{
"name": "CVE-2012-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3679"
},
{
"name": "CVE-2012-3710",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3710"
},
{
"name": "CVE-2012-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3629"
},
{
"name": "CVE-2011-3037",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3037"
},
{
"name": "CVE-2011-3457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3457"
},
{
"name": "CVE-2012-3595",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3595"
},
{
"name": "CVE-2012-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3670"
},
{
"name": "CVE-2012-0680",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0680"
},
{
"name": "CVE-2012-3601",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3601"
},
{
"name": "CVE-2012-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3628"
},
{
"name": "CVE-2012-3681",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3681"
},
{
"name": "CVE-2011-3044",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3044"
},
{
"name": "CVE-2012-3631",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3631"
},
{
"name": "CVE-2012-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3665"
},
{
"name": "CVE-2012-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3612"
},
{
"name": "CVE-2012-1138",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1138"
},
{
"name": "CVE-2012-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3599"
},
{
"name": "CVE-2012-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3704"
},
{
"name": "CVE-2012-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3625"
},
{
"name": "CVE-2012-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3683"
},
{
"name": "CVE-2011-3078",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3078"
},
{
"name": "CVE-2012-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3736"
},
{
"name": "CVE-2012-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3672"
},
{
"name": "CVE-2012-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3609"
},
{
"name": "CVE-2012-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3660"
},
{
"name": "CVE-2012-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3600"
},
{
"name": "CVE-2011-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3067"
},
{
"name": "CVE-2012-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1135"
},
{
"name": "CVE-2012-3706",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3706"
},
{
"name": "CVE-2012-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3620"
},
{
"name": "CVE-2012-3727",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3727"
},
{
"name": "CVE-2012-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3737"
},
{
"name": "CVE-2012-3703",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3703"
},
{
"name": "CVE-2012-3648",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3648"
},
{
"name": "CVE-2012-1142",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1142"
},
{
"name": "CVE-2011-3919",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3919"
},
{
"name": "CVE-2012-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3735"
},
{
"name": "CVE-2012-3656",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3656"
},
{
"name": "CVE-2012-1141",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1141"
},
{
"name": "CVE-2011-3086",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3086"
},
{
"name": "CVE-2012-3630",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3630"
},
{
"name": "CVE-2012-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3693"
},
{
"name": "CVE-2012-3682",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3682"
},
{
"name": "CVE-2011-3038",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3038"
},
{
"name": "CVE-2012-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3639"
},
{
"name": "CVE-2011-4599",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4599"
},
{
"name": "CVE-2012-2818",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2818"
},
{
"name": "CVE-2012-3668",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3668"
}
],
"initial_release_date": "2012-09-21T00:00:00",
"last_revision_date": "2012-09-21T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT5503 :",
"url": "http://support.apple.com/kb/HT5503"
}
],
"reference": "CERTA-2012-AVI-514",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-09-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIOS 6\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen de pages Web\nsp\u00e9cialement con\u00e7ues.\n",
"title": "Multiples Vuln\u00e9rabilit\u00e9s dans IOS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curi\u00e9 Apple HT5503 du 19 Septembre 2012",
"url": null
}
]
}
CERTA-2012-AVI-352
Vulnerability from certfr_avis - Published: 2012-06-27 - Updated: 2012-06-27
Vingt-deux vulnérabilités ont été corrigées dans Google Chrome. La majorité concerne des utilisations de pointeurs après les avoir libérés et peuvent entrainer une exécution de code arbitraire à distance. Les formats PDF et SVG sont principalement visés. Des débordements d'entiers et de mémoire tampon ont également été corrigés.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Versions antérieures à Google Chrome 20.0.1132.43.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 Google Chrome 20.0.1132.43.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-2831",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2831"
},
{
"name": "CVE-2012-2832",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2832"
},
{
"name": "CVE-2012-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2764"
},
{
"name": "CVE-2012-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2819"
},
{
"name": "CVE-2012-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2822"
},
{
"name": "CVE-2012-2829",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2829"
},
{
"name": "CVE-2012-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2828"
},
{
"name": "CVE-2012-2824",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2824"
},
{
"name": "CVE-2012-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2815"
},
{
"name": "CVE-2012-2821",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2821"
},
{
"name": "CVE-2012-2823",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2823"
},
{
"name": "CVE-2012-2833",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2833"
},
{
"name": "CVE-2012-2820",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2820"
},
{
"name": "CVE-2012-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2826"
},
{
"name": "CVE-2012-2807",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
},
{
"name": "CVE-2012-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2817"
},
{
"name": "CVE-2012-2827",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2827"
},
{
"name": "CVE-2012-2816",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2816"
},
{
"name": "CVE-2012-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2834"
},
{
"name": "CVE-2012-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2830"
},
{
"name": "CVE-2012-2818",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2818"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
}
],
"initial_release_date": "2012-06-27T00:00:00",
"last_revision_date": "2012-06-27T00:00:00",
"links": [
{
"title": "Note de version Google Chrome du 26 juin 2012 :",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
}
],
"reference": "CERTA-2012-AVI-352",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-06-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Vingt-deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Chrome\u003c/span\u003e. La majorit\u00e9 concerne des\nutilisations de pointeurs apr\u00e8s les avoir lib\u00e9r\u00e9s et peuvent entrainer\nune ex\u00e9cution de code arbitraire \u00e0 distance. Les formats PDF et SVG sont\nprincipalement vis\u00e9s. Des d\u00e9bordements d\u0027entiers et de m\u00e9moire tampon\nont \u00e9galement \u00e9t\u00e9 corrig\u00e9s.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google Chrome du 26 juin 2012",
"url": null
}
]
}
CERTA-2012-AVI-404
Vulnerability from certfr_avis - Published: 2012-07-26 - Updated: 2012-07-26
De multiples vulnérabilités ont été corrigées dans Safari. Elles permettent à une personne malintentionnée d'exécuter du code arbitraire à distance, télécharger des fichiers arbitraires à distance, falsifier une URL et injecter du code indirectement à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Versions antérieures à Safari 6.0.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 Safari 6.0.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3089",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3089"
},
{
"name": "CVE-2011-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3050"
},
{
"name": "CVE-2012-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3618"
},
{
"name": "CVE-2012-3663",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3663"
},
{
"name": "CVE-2011-3924",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3924"
},
{
"name": "CVE-2012-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3611"
},
{
"name": "CVE-2012-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3638"
},
{
"name": "CVE-2012-1521",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1521"
},
{
"name": "CVE-2012-3664",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3664"
},
{
"name": "CVE-2012-3592",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3592"
},
{
"name": "CVE-2011-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3068"
},
{
"name": "CVE-2012-3674",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3674"
},
{
"name": "CVE-2011-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3090"
},
{
"name": "CVE-2012-3641",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3641"
},
{
"name": "CVE-2012-3696",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3696"
},
{
"name": "CVE-2012-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3626"
},
{
"name": "CVE-2011-3069",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3069"
},
{
"name": "CVE-2012-3637",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3637"
},
{
"name": "CVE-2012-3680",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3680"
},
{
"name": "CVE-2012-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3636"
},
{
"name": "CVE-2012-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3615"
},
{
"name": "CVE-2012-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3610"
},
{
"name": "CVE-2012-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3653"
},
{
"name": "CVE-2012-0679",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0679"
},
{
"name": "CVE-2011-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3032"
},
{
"name": "CVE-2012-3697",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3697"
},
{
"name": "CVE-2012-3667",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3667"
},
{
"name": "CVE-2012-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3608"
},
{
"name": "CVE-2012-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3645"
},
{
"name": "CVE-2011-3064",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3064"
},
{
"name": "CVE-2011-3021",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3021"
},
{
"name": "CVE-2012-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3640"
},
{
"name": "CVE-2011-3040",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3040"
},
{
"name": "CVE-2012-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3605"
},
{
"name": "CVE-2011-3016",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3016"
},
{
"name": "CVE-2011-3969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3969"
},
{
"name": "CVE-2012-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3604"
},
{
"name": "CVE-2012-3686",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3686"
},
{
"name": "CVE-2012-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3635"
},
{
"name": "CVE-2012-3666",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3666"
},
{
"name": "CVE-2012-1520",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1520"
},
{
"name": "CVE-2012-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3596"
},
{
"name": "CVE-2012-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3627"
},
{
"name": "CVE-2011-3966",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3966"
},
{
"name": "CVE-2011-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3034"
},
{
"name": "CVE-2012-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3597"
},
{
"name": "CVE-2011-3043",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3043"
},
{
"name": "CVE-2011-2845",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2845"
},
{
"name": "CVE-2011-3027",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3027"
},
{
"name": "CVE-2011-3926",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3926"
},
{
"name": "CVE-2012-3650",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3650"
},
{
"name": "CVE-2012-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3669"
},
{
"name": "CVE-2012-3661",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3661"
},
{
"name": "CVE-2011-3060",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3060"
},
{
"name": "CVE-2011-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3968"
},
{
"name": "CVE-2012-0683",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0683"
},
{
"name": "CVE-2011-3053",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3053"
},
{
"name": "CVE-2011-3039",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3039"
},
{
"name": "CVE-2012-3589",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3589"
},
{
"name": "CVE-2012-3691",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3691"
},
{
"name": "CVE-2012-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3634"
},
{
"name": "CVE-2012-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3646"
},
{
"name": "CVE-2012-3694",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3694"
},
{
"name": "CVE-2011-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3073"
},
{
"name": "CVE-2011-3971",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3971"
},
{
"name": "CVE-2011-3076",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3076"
},
{
"name": "CVE-2012-3603",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3603"
},
{
"name": "CVE-2012-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3690"
},
{
"name": "CVE-2012-3695",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3695"
},
{
"name": "CVE-2011-3042",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3042"
},
{
"name": "CVE-2012-3655",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3655"
},
{
"name": "CVE-2011-3059",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3059"
},
{
"name": "CVE-2011-3036",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3036"
},
{
"name": "CVE-2012-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0682"
},
{
"name": "CVE-2011-3041",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3041"
},
{
"name": "CVE-2011-3958",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3958"
},
{
"name": "CVE-2012-3590",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3590"
},
{
"name": "CVE-2012-3593",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3593"
},
{
"name": "CVE-2011-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3035"
},
{
"name": "CVE-2012-3678",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3678"
},
{
"name": "CVE-2011-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3074"
},
{
"name": "CVE-2012-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2815"
},
{
"name": "CVE-2012-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3594"
},
{
"name": "CVE-2011-3913",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3913"
},
{
"name": "CVE-2012-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3644"
},
{
"name": "CVE-2012-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3633"
},
{
"name": "CVE-2012-3642",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3642"
},
{
"name": "CVE-2012-3591",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3591"
},
{
"name": "CVE-2011-3075",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3075"
},
{
"name": "CVE-2011-3081",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3081"
},
{
"name": "CVE-2011-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3071"
},
{
"name": "CVE-2012-3679",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3679"
},
{
"name": "CVE-2012-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3629"
},
{
"name": "CVE-2011-3037",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3037"
},
{
"name": "CVE-2012-3595",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3595"
},
{
"name": "CVE-2012-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3670"
},
{
"name": "CVE-2012-0680",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0680"
},
{
"name": "CVE-2012-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3628"
},
{
"name": "CVE-2012-3681",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3681"
},
{
"name": "CVE-2011-3044",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3044"
},
{
"name": "CVE-2012-3631",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3631"
},
{
"name": "CVE-2012-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3665"
},
{
"name": "CVE-2012-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3599"
},
{
"name": "CVE-2012-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3625"
},
{
"name": "CVE-2012-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3683"
},
{
"name": "CVE-2011-3078",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3078"
},
{
"name": "CVE-2012-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3609"
},
{
"name": "CVE-2012-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3600"
},
{
"name": "CVE-2011-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3067"
},
{
"name": "CVE-2012-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3620"
},
{
"name": "CVE-2012-0678",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0678"
},
{
"name": "CVE-2012-3689",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3689"
},
{
"name": "CVE-2012-3656",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3656"
},
{
"name": "CVE-2011-3086",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3086"
},
{
"name": "CVE-2011-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3426"
},
{
"name": "CVE-2012-3630",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3630"
},
{
"name": "CVE-2012-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3693"
},
{
"name": "CVE-2012-3682",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3682"
},
{
"name": "CVE-2011-3038",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3038"
},
{
"name": "CVE-2012-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3639"
},
{
"name": "CVE-2012-3668",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3668"
}
],
"initial_release_date": "2012-07-26T00:00:00",
"last_revision_date": "2012-07-26T00:00:00",
"links": [],
"reference": "CERTA-2012-AVI-404",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-07-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eSafari\u003c/span\u003e. Elles permettent \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance, t\u00e9l\u00e9charger\ndes fichiers arbitraires \u00e0 distance, falsifier une URL et injecter du\ncode indirectement \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Safari",
"vendor_advisories": [
{
"published_at": null,
"title": "Annonce de s\u00e9curit\u00e9 Apple du 25 juillet 2012",
"url": "http://prod.lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
}
]
}
FKIE_CVE-2012-2815
Vulnerability from fkie_nvd - Published: 2012-06-27 10:18 - Updated: 2025-04-11 00:51
Severity ?
Summary
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| chrome | 20.0.1132.0 | ||
| chrome | 20.0.1132.1 | ||
| chrome | 20.0.1132.2 | ||
| chrome | 20.0.1132.3 | ||
| chrome | 20.0.1132.4 | ||
| chrome | 20.0.1132.5 | ||
| chrome | 20.0.1132.6 | ||
| chrome | 20.0.1132.7 | ||
| chrome | 20.0.1132.8 | ||
| chrome | 20.0.1132.9 | ||
| chrome | 20.0.1132.10 | ||
| chrome | 20.0.1132.11 | ||
| chrome | 20.0.1132.12 | ||
| chrome | 20.0.1132.13 | ||
| chrome | 20.0.1132.14 | ||
| chrome | 20.0.1132.15 | ||
| chrome | 20.0.1132.16 | ||
| chrome | 20.0.1132.17 | ||
| chrome | 20.0.1132.18 | ||
| chrome | 20.0.1132.19 | ||
| chrome | 20.0.1132.20 | ||
| chrome | 20.0.1132.21 | ||
| chrome | 20.0.1132.22 | ||
| chrome | 20.0.1132.23 | ||
| chrome | 20.0.1132.24 | ||
| chrome | 20.0.1132.25 | ||
| chrome | 20.0.1132.26 | ||
| chrome | 20.0.1132.27 | ||
| chrome | 20.0.1132.28 | ||
| chrome | 20.0.1132.29 | ||
| chrome | 20.0.1132.30 | ||
| chrome | 20.0.1132.31 | ||
| chrome | 20.0.1132.32 | ||
| chrome | 20.0.1132.33 | ||
| chrome | 20.0.1132.34 | ||
| chrome | 20.0.1132.35 | ||
| chrome | 20.0.1132.36 | ||
| chrome | 20.0.1132.37 | ||
| chrome | 20.0.1132.38 | ||
| chrome | 20.0.1132.39 | ||
| chrome | 20.0.1132.40 | ||
| chrome | 20.0.1132.41 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5E7E3F-3DF6-466D-825E-7484B7F0ED0E",
"versionEndIncluding": "20.0.1132.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5559EFC8-18F4-4E5A-9198-E86D0A2D95DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D24BBC-FED3-4744-AC61-CB11531E9D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C0FF1E-CE10-45EC-B35C-0D5623697998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74ACE4E5-56D6-4EDC-8E92-9937A87D28CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1BC2A3-CE9B-4D6F-B9D5-D408B714468B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2A3129-C209-4E67-AD08-2DA3D289FB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E3C624-A446-44CC-8141-410E521A21AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE627E1-DFCB-40D0-A84C-16AE80C73E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D6694631-7054-48AF-B046-32694BFA5DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A09C563A-5541-4799-9F6E-B20ABD211185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCF11B8-1997-4930-AEF2-D008B55D3CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB5CC75-658A-455A-9BB2-D702523E66FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*",
"matchCriteriaId": "13341A40-4EDF-4E15-A693-95F7DEDA9803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55EA4229-47F8-435E-8475-8E79D5AD7340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*",
"matchCriteriaId": "32C0848C-4A1A-4068-8384-F7FC9314B096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A5FC9C-F50E-48BA-88F3-9CCE0EF23F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*",
"matchCriteriaId": "08192C42-C286-4694-B45E-25FC177FF8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CEE0F7-7795-4FB0-BE4E-11795661CE66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B04B9A-302F-48BB-BCBC-4B2302F73F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C41D41-F357-4AA4-AF10-1740E0F65A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE569D4-8DC2-44BD-9FEC-4C8E18C1E10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*",
"matchCriteriaId": "71E32C87-CABE-464D-85AE-E5A53E954317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E7004E55-4987-4ADF-B99E-8EE85AC2E626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE6A4F6-3903-452C-999A-A26629CC6DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*",
"matchCriteriaId": "757DFB66-2F5F-421E-8014-8CE3E0E83F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*",
"matchCriteriaId": "85675AB6-CA91-462F-903A-7F9A2400A4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B78196D7-8D7F-483B-A587-DCD94FE28E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC91ABB-129A-467E-9900-D84886BE068E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD4E658-4860-425F-A890-B234791BD2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*",
"matchCriteriaId": "06FF0461-D045-4BC5-B20D-28C7D3A12BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB5D96D-9642-4B48-98A2-713E05977948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7EDE7D7B-490C-490D-9F2A-00DF72598ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2485E36F-E014-45F9-80D2-79CC560DD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*",
"matchCriteriaId": "85809C6A-B4C9-4B57-A295-2805A789F495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DFFBD0-5E00-453B-B33A-A94B43278F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*",
"matchCriteriaId": "6A04F552-DB31-4F27-A1ED-38A1D857E6CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*",
"matchCriteriaId": "C49C1C7C-D235-45F2-B54A-E82DCF29E53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0FBAF0-31DE-42DA-B9A0-9E06DB4C59ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*",
"matchCriteriaId": "56C38A9D-20A6-4AE9-93DA-00D69130907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*",
"matchCriteriaId": "6529FF3F-6316-4093-8F93-1977809C6151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*",
"matchCriteriaId": "18A1B84B-B5AC-4E4A-83C6-601C3D359527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1B10F5-D24A-4614-B9D4-927380E02011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain."
},
{
"lang": "es",
"value": "Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos obtener informaci\u00f3n potencialmente sensible a partir de un identificador de fragmento, aprovechando el acceso a un elemento IFRAME asociado a un dominio diferente."
}
],
"id": "CVE-2012-2815",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-27T10:18:38.400",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://support.apple.com/kb/HT5400"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2012-2815
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-2815",
"description": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.",
"id": "GSD-2012-2815",
"references": [
"https://www.suse.com/security/cve/CVE-2012-2815.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-2815"
],
"details": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.",
"id": "GSD-2012-2815",
"modified": "2023-12-13T01:20:16.020354Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2012-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0813",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "oval:org.mitre.oval:def:15662",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "APPLE-SA-2012-07-25-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT5400",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5400"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=118633",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.1132.42",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2012-2815"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=118633",
"refsource": "CONFIRM",
"tags": [],
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
},
{
"name": "openSUSE-SU-2012:0813",
"refsource": "SUSE",
"tags": [],
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"name": "http://support.apple.com/kb/HT5400",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT5400"
},
{
"name": "APPLE-SA-2012-07-25-1",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"name": "APPLE-SA-2012-09-19-1",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5503",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "oval:org.mitre.oval:def:15662",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-09-19T01:34Z",
"publishedDate": "2012-06-27T10:18Z"
}
}
}
GHSA-639F-4XPQ-8887
Vulnerability from github – Published: 2022-05-17 00:59 – Updated: 2022-05-17 00:59
VLAI?
Details
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
{
"affected": [],
"aliases": [
"CVE-2012-2815"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-06-27T10:18:00Z",
"severity": "MODERATE"
},
"details": "Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.",
"id": "GHSA-639f-4xpq-8887",
"modified": "2022-05-17T00:59:29Z",
"published": "2022-05-17T00:59:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2815"
},
{
"type": "WEB",
"url": "https://hermes.opensuse.org/messages/15075728"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=118633"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5400"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5503"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…