FKIE_CVE-2012-2857

Vulnerability from fkie_nvd - Published: 2012-08-06 15:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
References
chrome-cve-admin@google.comhttp://code.google.com/p/chromium/issues/detail?id=136235
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html
chrome-cve-admin@google.comhttp://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html
chrome-cve-admin@google.comhttp://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html
chrome-cve-admin@google.comhttp://support.apple.com/kb/HT5642
chrome-cve-admin@google.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15336
af854a3a-2127-422b-91ae-364da2661108http://code.google.com/p/chromium/issues/detail?id=136235
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5642
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15336
Impacted products
Vendor Product Version
apple iphone_os *
apple iphone_os 6.0
apple iphone_os 6.0.1
google chrome *
google chrome 21.0.1180.0
google chrome 21.0.1180.1
google chrome 21.0.1180.2
google chrome 21.0.1180.31
google chrome 21.0.1180.32
google chrome 21.0.1180.33
google chrome 21.0.1180.34
google chrome 21.0.1180.35
google chrome 21.0.1180.36
google chrome 21.0.1180.37
google chrome 21.0.1180.38
google chrome 21.0.1180.39
google chrome 21.0.1180.41
google chrome 21.0.1180.46
google chrome 21.0.1180.47
google chrome 21.0.1180.48
google chrome 21.0.1180.49
google chrome 21.0.1180.50
google chrome 21.0.1180.51
google chrome 21.0.1180.52
google chrome 21.0.1180.53
google chrome 21.0.1180.54
google chrome 21.0.1180.55
google chrome 21.0.1180.56
google chrome 21.0.1180.57
google frame -
microsoft windows *
google chrome *
google chrome 21.0.1180.0
google chrome 21.0.1180.1
google chrome 21.0.1180.2
google chrome 21.0.1180.31
google chrome 21.0.1180.32
google chrome 21.0.1180.33
google chrome 21.0.1180.34
google chrome 21.0.1180.35
google chrome 21.0.1180.36
google chrome 21.0.1180.37
google chrome 21.0.1180.38
google chrome 21.0.1180.39
google chrome 21.0.1180.41
google chrome 21.0.1180.46
google chrome 21.0.1180.47
google chrome 21.0.1180.48
google chrome 21.0.1180.49
google chrome 21.0.1180.50
google chrome 21.0.1180.51
google chrome 21.0.1180.52
google chrome 21.0.1180.53
google chrome 21.0.1180.54
google chrome 21.0.1180.55
apple mac_os_x *
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FD52712-0484-421B-A5DD-2CF0B4C027BD",
              "versionEndIncluding": "6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7C265F9-3170-4216-81E6-EFEDCD76F46C",
              "versionEndIncluding": "21.0.1180.59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0692DD3-562D-4BE7-BB61-1549EFFF9CD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FF70696-70A8-4DFA-A0C3-172A103F3F24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:frame:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFF5F06-FE87-4120-A2EE-F66CEF5D7E0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95449FAB-4F05-4CD9-AC28-050164CB52EB",
              "versionEndIncluding": "21.0.1180.56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n (use-after-free) en las Hojas de Estilo en Cascada (CSS) en la implementaci\u00f3n DOM Google Chrome anteriores a v21.0.1180.57 en Mac OS X y Linux, y anteriores a v21.0.1180.60 en Windows y Chrome Frame, permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener un impacto no especificado a trav\u00e9s de un documento manipulado."
    }
  ],
  "id": "CVE-2012-2857",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-08-06T15:55:01.917",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://code.google.com/p/chromium/issues/detail?id=136235"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://code.google.com/p/chromium/issues/detail?id=136235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT5642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15336"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.