CVE-2012-5127

EUVD-2012-5050
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
googlechrome
𝑥
≤ 23.0.1271.62
googlechrome
23.0.1271.0
googlechrome
23.0.1271.1
googlechrome
23.0.1271.2
googlechrome
23.0.1271.3
googlechrome
23.0.1271.4
googlechrome
23.0.1271.5
googlechrome
23.0.1271.6
googlechrome
23.0.1271.7
googlechrome
23.0.1271.8
googlechrome
23.0.1271.9
googlechrome
23.0.1271.10
googlechrome
23.0.1271.11
googlechrome
23.0.1271.12
googlechrome
23.0.1271.13
googlechrome
23.0.1271.14
googlechrome
23.0.1271.15
googlechrome
23.0.1271.16
googlechrome
23.0.1271.17
googlechrome
23.0.1271.18
googlechrome
23.0.1271.19
googlechrome
23.0.1271.20
googlechrome
23.0.1271.21
googlechrome
23.0.1271.22
googlechrome
23.0.1271.23
googlechrome
23.0.1271.24
googlechrome
23.0.1271.26
googlechrome
23.0.1271.30
googlechrome
23.0.1271.31
googlechrome
23.0.1271.32
googlechrome
23.0.1271.33
googlechrome
23.0.1271.35
googlechrome
23.0.1271.36
googlechrome
23.0.1271.37
googlechrome
23.0.1271.38
googlechrome
23.0.1271.39
googlechrome
23.0.1271.40
googlechrome
23.0.1271.41
googlechrome
23.0.1271.44
googlechrome
23.0.1271.45
googlechrome
23.0.1271.46
googlechrome
23.0.1271.49
googlechrome
23.0.1271.50
googlechrome
23.0.1271.51
googlechrome
23.0.1271.52
googlechrome
23.0.1271.53
googlechrome
23.0.1271.54
googlechrome
23.0.1271.55
googlechrome
23.0.1271.56
googlechrome
23.0.1271.57
googlechrome
23.0.1271.58
googlechrome
23.0.1271.59
googlechrome
23.0.1271.60
googlechrome
23.0.1271.61
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libwebp
bookworm
1.2.4-0.2+deb12u1
fixed
bookworm (security)
1.2.4-0.2+deb12u1
fixed
bullseye
0.6.1-2.1+deb11u2
fixed
bullseye (security)
0.6.1-2.1+deb11u2
fixed
sid
1.4.0-0.1
fixed
trixie
1.4.0-0.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
hardy
dne
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html
http://osvdb.org/87079
http://www.securityfocus.com/bid/56413
https://code.google.com/p/chromium/issues/detail?id=157079
https://exchange.xforce.ibmcloud.com/vulnerabilities/79862
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15943
http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html
http://osvdb.org/87079
http://www.securityfocus.com/bid/56413
https://code.google.com/p/chromium/issues/detail?id=157079
https://exchange.xforce.ibmcloud.com/vulnerabilities/79862
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15943