CVE-2012-2815

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
googlechrome
𝑥
≤ 20.0.1132.42
googlechrome
20.0.1132.0
googlechrome
20.0.1132.1
googlechrome
20.0.1132.2
googlechrome
20.0.1132.3
googlechrome
20.0.1132.4
googlechrome
20.0.1132.5
googlechrome
20.0.1132.6
googlechrome
20.0.1132.7
googlechrome
20.0.1132.8
googlechrome
20.0.1132.9
googlechrome
20.0.1132.10
googlechrome
20.0.1132.11
googlechrome
20.0.1132.12
googlechrome
20.0.1132.13
googlechrome
20.0.1132.14
googlechrome
20.0.1132.15
googlechrome
20.0.1132.16
googlechrome
20.0.1132.17
googlechrome
20.0.1132.18
googlechrome
20.0.1132.19
googlechrome
20.0.1132.20
googlechrome
20.0.1132.21
googlechrome
20.0.1132.22
googlechrome
20.0.1132.23
googlechrome
20.0.1132.24
googlechrome
20.0.1132.25
googlechrome
20.0.1132.26
googlechrome
20.0.1132.27
googlechrome
20.0.1132.28
googlechrome
20.0.1132.29
googlechrome
20.0.1132.30
googlechrome
20.0.1132.31
googlechrome
20.0.1132.32
googlechrome
20.0.1132.33
googlechrome
20.0.1132.34
googlechrome
20.0.1132.35
googlechrome
20.0.1132.36
googlechrome
20.0.1132.37
googlechrome
20.0.1132.38
googlechrome
20.0.1132.39
googlechrome
20.0.1132.40
googlechrome
20.0.1132.41
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
natty
ignored
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
hardy
dne
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=118633
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5503
https://hermes.opensuse.org/messages/15075728
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662
http://code.google.com/p/chromium/issues/detail?id=118633
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5503
https://hermes.opensuse.org/messages/15075728
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662