CVE-2012-2764

Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
googlechrome
𝑥
≤ 20.0.1132.42
googlechrome
20.0.1132.0
googlechrome
20.0.1132.1
googlechrome
20.0.1132.2
googlechrome
20.0.1132.3
googlechrome
20.0.1132.4
googlechrome
20.0.1132.5
googlechrome
20.0.1132.6
googlechrome
20.0.1132.7
googlechrome
20.0.1132.8
googlechrome
20.0.1132.9
googlechrome
20.0.1132.10
googlechrome
20.0.1132.11
googlechrome
20.0.1132.12
googlechrome
20.0.1132.13
googlechrome
20.0.1132.14
googlechrome
20.0.1132.15
googlechrome
20.0.1132.16
googlechrome
20.0.1132.17
googlechrome
20.0.1132.18
googlechrome
20.0.1132.19
googlechrome
20.0.1132.20
googlechrome
20.0.1132.21
googlechrome
20.0.1132.22
googlechrome
20.0.1132.23
googlechrome
20.0.1132.24
googlechrome
20.0.1132.25
googlechrome
20.0.1132.26
googlechrome
20.0.1132.27
googlechrome
20.0.1132.28
googlechrome
20.0.1132.29
googlechrome
20.0.1132.30
googlechrome
20.0.1132.31
googlechrome
20.0.1132.32
googlechrome
20.0.1132.33
googlechrome
20.0.1132.34
googlechrome
20.0.1132.35
googlechrome
20.0.1132.36
googlechrome
20.0.1132.37
googlechrome
20.0.1132.38
googlechrome
20.0.1132.39
googlechrome
20.0.1132.40
googlechrome
20.0.1132.41
𝑥
= Vulnerable software versions
References
http://code.google.com/p/chromium/issues/detail?id=130276
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15375
http://code.google.com/p/chromium/issues/detail?id=130276
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15375