CVE-2012-2864

Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://code.google.com/p/chromium/issues/detail?id=141901
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html
http://secunia.com/advisories/51215
http://www.mandriva.com/security/advisories?name=MDVSA-2013:103
http://www.ubuntu.com/usn/USN-1623-1
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264
http://code.google.com/p/chromium/issues/detail?id=141901
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html
http://secunia.com/advisories/51215
http://www.mandriva.com/security/advisories?name=MDVSA-2013:103
http://www.ubuntu.com/usn/USN-1623-1
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:google:chrome_os::::::::
	cpe:2.3:o:google:chrome_os:21.0.1180.0:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.1:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.2:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.3:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.4:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.5:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.6:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.7:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.8:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.9:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.10:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.11:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.13:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.14:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.15:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.17:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.18:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.31:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.32:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.33:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.34:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.35:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.36:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.37:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.38:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.39:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.41:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.46:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.47:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.48:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.49:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.50:::::::*
	cpe:2.3:o:google:chrome_os:21.0.1180.79:::::::*

OR	cpe:2.3:h:acer:ac700_chromebook:-:::::::*
	cpe:2.3:h:google:cr-48_chromebook:-:::::::*
	cpe:2.3:h:samsung:series_5_550_chromebook:-:::::::*
	cpe:2.3:h:samsung:series_5_chromebook:-:::::::*

History

21 Nov 2024, 01:39

Type	Values Removed	Values Added
References	~~() http://code.google.com/p/chromium/issues/detail?id=141901 -~~	() http://code.google.com/p/chromium/issues/detail?id=141901 -
References	~~() http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html -~~	() http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html -
References	~~() http://secunia.com/advisories/51215 -~~	() http://secunia.com/advisories/51215 -
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2013:103 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2013:103 -
References	~~() http://www.ubuntu.com/usn/USN-1623-1 -~~	() http://www.ubuntu.com/usn/USN-1623-1 -
References	~~() https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264 -~~	() https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264 -

Information

Published : 2012-08-22 10:42

Updated : 2025-04-11 00:51

NVD link : CVE-2012-2864

Mitre link : CVE-2012-2864

CVE.ORG link : CVE-2012-2864

JSON object : View

Products Affected

samsung

series_5_550_chromebook
series_5_chromebook

google

cr-48_chromebook
chrome_os

acer

ac700_chromebook

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2012-2864", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-08-22T10:42:04.680", "references": [{"url": "http://code.google.com/p/chromium/issues/detail?id=141901", "source": "chrome-cve-admin@google.com"}, {"url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://secunia.com/advisories/51215", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:103", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.ubuntu.com/usn/USN-1623-1", "source": "chrome-cve-admin@google.com"}, {"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264", "source": "chrome-cve-admin@google.com"}, {"url": "http://code.google.com/p/chromium/issues/detail?id=141901", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://googlechromereleases.blogspot.com/2012/08/stable-channel-update-for-chrome-os.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51215", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:103", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-1623-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an \"array overflow.\""}, {"lang": "es", "value": "Mesa, tal y como se utiliza en Google Chrome v21.0.1183.0 en las plataformas AC700 Acer, Cr-48, y Samsung Chromebook Series 5 y 5 550, y el Samsung Chromebox Serie v3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados que desencadenan un \"desbordamiento de array\".\r\n"}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66A3758D-4DB2-4E46-957C-56D730391E19", "versionEndIncluding": "21.0.1180.81"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "987B91BE-8F31-4E33-8E53-D49595B7E429"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FB57EB7-E83D-4804-A001-2B5041CE5238"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D977EB7-ACC3-4583-90B1-402186DE8DE3"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75FE07A0-F8FC-4C05-B572-C0B6A713449C"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24630A90-2E00-436D-A93D-B3DBBA38D502"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E12D7923-3E35-4669-A0C5-78F6E99D3234"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7971C5EA-C08B-4EBD-A27F-D632544E4C99"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B31EE83F-9AC9-403F-8799-2414AFE0A6F8"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4999407E-2C3D-4FCA-9626-24078002ACEA"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D4288C1-C563-45BE-8D6D-A048E3020488"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "578D31F7-64A7-47D6-92AD-D0979A4B929C"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "238B4EBC-454D-4A36-95F1-B03906056DF6"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AD5EF72-03B5-45A5-A330-607D53222572"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB2C99B1-79B9-4611-9BAE-B6C6F9129100"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDFF2D5B-CA7A-483E-B7D4-37F3C31D415A"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1818903A-50A7-43B2-A02A-0E1F139ED1EF"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A852A5E-3C6A-4C44-81FF-7BD5CDEA9A5C"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D64D675E-7111-4BA3-8CCE-31F97BF930C3"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D767FEA-5C8E-4DCB-949F-80F8FF4E83A7"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8E7F5B5-D7F6-4FC4-838A-776F83C4667F"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EF5DDF5-C809-4CF8-8377-EF63AF08DCBC"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "978C195B-2C04-49A5-B447-F5F4AF8838FE"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D87F4916-85D2-44EA-A305-96AD0A9FEBBF"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "171DD495-1B7A-48D0-B837-B2169FA88EBE"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BDAF256-305D-4C1F-B176-C5185F40115B"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C469DD52-38E6-46A8-8FE7-2D16807790D0"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A3BBCE-8520-44E5-B601-D31F7BDCCFF5"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC122724-FFEA-41F5-B0C7-80E7D033CA8D"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27FA1509-3DE0-46EC-A1C0-5FBD1D2DBA37"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05286EAA-C77B-427E-9804-BCE5FB9806EF"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CE1737E-D301-427E-AE96-BC4D579F53F1"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2F597FC-54BC-450A-9085-29E084A884DC"}, {"criteria": "cpe:2.3:o:google:chrome_os:21.0.1180.79:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BE4D2CC-02AF-4517-B453-BB59171804D5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:acer:ac700_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3AC04E5-AEEE-4FC2-9C4D-340CB2FE7C7C"}, {"criteria": "cpe:2.3:h:google:cr-48_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7CFCDE4-0D4D-44F5-A93B-168ACFA67FD8"}, {"criteria": "cpe:2.3:h:samsung:series_5_550_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D2A9D7A-CB08-4A6F-A772-FA2C57CD1220"}, {"criteria": "cpe:2.3:h:samsung:series_5_chromebook:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "67210A6F-F5EB-4F02-8FEA-D6B3711C5191"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "chrome-cve-admin@google.com"}

10.0 /10