Main Vulnerability Database Vulnerabilities #VU43477

Information disclosure in Google Chrome - CVE-2012-2891

Published: September 26, 2012 / Updated: August 11, 2020

Vulnerability identifier: #VU43477

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2012-2891

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors.

How to mitigate CVE-2012-2891

Install update from vendor's website.

Sources

http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html
https://code.google.com/p/chromium/issues/detail?id=144051
https://exchange.xforce.ibmcloud.com/vulnerabilities/78842
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15484

Information disclosure in Google Chrome - CVE-2012-2891

Detailed vulnerability description

How to mitigate CVE-2012-2891

Sources

Please verify you're human