FKIE_CVE-2012-2819

Vulnerability from fkie_nvd - Published: 2012-06-27 10:18 - Updated: 2025-04-11 00:51
Severity ?
Summary
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387.
References
chrome-cve-admin@google.comhttp://code.google.com/p/chromium/issues/detail?id=120977
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
chrome-cve-admin@google.comhttp://trac.webkit.org/changeset/117191
chrome-cve-admin@google.comhttp://trac.webkit.org/changeset/118410
chrome-cve-admin@google.comhttps://bugs.webkit.org/show_bug.cgi?id=85942
chrome-cve-admin@google.comhttps://chromiumcodereview.appspot.com/10444013
chrome-cve-admin@google.comhttps://hermes.opensuse.org/messages/15075728
chrome-cve-admin@google.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14938
af854a3a-2127-422b-91ae-364da2661108http://code.google.com/p/chromium/issues/detail?id=120977
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
af854a3a-2127-422b-91ae-364da2661108http://trac.webkit.org/changeset/117191
af854a3a-2127-422b-91ae-364da2661108http://trac.webkit.org/changeset/118410
af854a3a-2127-422b-91ae-364da2661108https://bugs.webkit.org/show_bug.cgi?id=85942
af854a3a-2127-422b-91ae-364da2661108https://chromiumcodereview.appspot.com/10444013
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/15075728
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14938
Impacted products
Vendor Product Version
google chrome *
google chrome 20.0.1132.0
google chrome 20.0.1132.1
google chrome 20.0.1132.2
google chrome 20.0.1132.3
google chrome 20.0.1132.4
google chrome 20.0.1132.5
google chrome 20.0.1132.6
google chrome 20.0.1132.7
google chrome 20.0.1132.8
google chrome 20.0.1132.9
google chrome 20.0.1132.10
google chrome 20.0.1132.11
google chrome 20.0.1132.12
google chrome 20.0.1132.13
google chrome 20.0.1132.14
google chrome 20.0.1132.15
google chrome 20.0.1132.16
google chrome 20.0.1132.17
google chrome 20.0.1132.18
google chrome 20.0.1132.19
google chrome 20.0.1132.20
google chrome 20.0.1132.21
google chrome 20.0.1132.22
google chrome 20.0.1132.23
google chrome 20.0.1132.24
google chrome 20.0.1132.25
google chrome 20.0.1132.26
google chrome 20.0.1132.27
google chrome 20.0.1132.28
google chrome 20.0.1132.29
google chrome 20.0.1132.30
google chrome 20.0.1132.31
google chrome 20.0.1132.32
google chrome 20.0.1132.33
google chrome 20.0.1132.34
google chrome 20.0.1132.35
google chrome 20.0.1132.36
google chrome 20.0.1132.37
google chrome 20.0.1132.38
google chrome 20.0.1132.39
google chrome 20.0.1132.40
google chrome 20.0.1132.41
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5E7E3F-3DF6-466D-825E-7484B7F0ED0E",
              "versionEndIncluding": "20.0.1132.42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5559EFC8-18F4-4E5A-9198-E86D0A2D95DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2D24BBC-FED3-4744-AC61-CB11531E9D48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C0FF1E-CE10-45EC-B35C-0D5623697998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74ACE4E5-56D6-4EDC-8E92-9937A87D28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1BC2A3-CE9B-4D6F-B9D5-D408B714468B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2A3129-C209-4E67-AD08-2DA3D289FB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E3C624-A446-44CC-8141-410E521A21AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BE627E1-DFCB-40D0-A84C-16AE80C73E52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6694631-7054-48AF-B046-32694BFA5DCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A09C563A-5541-4799-9F6E-B20ABD211185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCF11B8-1997-4930-AEF2-D008B55D3CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB5CC75-658A-455A-9BB2-D702523E66FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "13341A40-4EDF-4E15-A693-95F7DEDA9803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "55EA4229-47F8-435E-8475-8E79D5AD7340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "32C0848C-4A1A-4068-8384-F7FC9314B096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A5FC9C-F50E-48BA-88F3-9CCE0EF23F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "08192C42-C286-4694-B45E-25FC177FF8FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CEE0F7-7795-4FB0-BE4E-11795661CE66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B04B9A-302F-48BB-BCBC-4B2302F73F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7C41D41-F357-4AA4-AF10-1740E0F65A61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEE569D4-8DC2-44BD-9FEC-4C8E18C1E10F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E32C87-CABE-464D-85AE-E5A53E954317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7004E55-4987-4ADF-B99E-8EE85AC2E626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE6A4F6-3903-452C-999A-A26629CC6DEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "757DFB66-2F5F-421E-8014-8CE3E0E83F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "85675AB6-CA91-462F-903A-7F9A2400A4E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78196D7-8D7F-483B-A587-DCD94FE28E22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC91ABB-129A-467E-9900-D84886BE068E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD4E658-4860-425F-A890-B234791BD2D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "06FF0461-D045-4BC5-B20D-28C7D3A12BE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CB5D96D-9642-4B48-98A2-713E05977948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDE7D7B-490C-490D-9F2A-00DF72598ACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "2485E36F-E014-45F9-80D2-79CC560DD68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "85809C6A-B4C9-4B57-A295-2805A789F495",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1DFFBD0-5E00-453B-B33A-A94B43278F33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A04F552-DB31-4F27-A1ED-38A1D857E6CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49C1C7C-D235-45F2-B54A-E82DCF29E53A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0FBAF0-31DE-42DA-B9A0-9E06DB4C59ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C38A9D-20A6-4AE9-93DA-00D69130907D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "6529FF3F-6316-4093-8F93-1977809C6151",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "18A1B84B-B5AC-4E4A-83C6-601C3D359527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1B10F5-D24A-4614-B9D4-927380E02011",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n texSubImage2D en el subsistema WebGL en Google Chrome anterior a v20.0.1132.43 no controla correctamente la carga de texturas de punto flotante, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (error de aserci\u00f3n y ca\u00edda de la aplicaci\u00f3n) o posiblemente tener otros impactos a trav\u00e9s de una p\u00e1gina web manipulada, como lo demuestran ciertos test de rendimiento en WebGL, tambi\u00e9n conocido como problema rdar 11520387."
    }
  ],
  "id": "CVE-2012-2819",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-27T10:18:38.837",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://code.google.com/p/chromium/issues/detail?id=120977"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://trac.webkit.org/changeset/117191"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://trac.webkit.org/changeset/118410"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://bugs.webkit.org/show_bug.cgi?id=85942"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://chromiumcodereview.appspot.com/10444013"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://hermes.opensuse.org/messages/15075728"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://code.google.com/p/chromium/issues/detail?id=120977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://trac.webkit.org/changeset/117191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://trac.webkit.org/changeset/118410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.webkit.org/show_bug.cgi?id=85942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://chromiumcodereview.appspot.com/10444013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hermes.opensuse.org/messages/15075728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14938"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.