Buffer overflow in Google Chrome
CVE-2012-2897
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chr…
Vulnerability class: Buffer Overflow
EPSS: 0.409 (97.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Google Chrome — versions 22.0.1229.0, 22.0.1229.1, 22.0.1229.2
- Microsoft Windows_7
- Microsoft Windows_8
- Microsoft Windows_rt
- Microsoft Windows_server_2003
- Microsoft Windows_server_2008
- Microsoft Windows_server_2012
- Microsoft Windows_vista
- Microsoft Windows_xp
- N/a — versions n/a
Weakness classification (CWE)
References
- google-chrome-cve20122897(78822) (vdb-entry, x_refsource_XF)
- TA12-318A (x_refsource_CERT, third-party-advisory)
- oval:org.mitre.oval:def:15847 (x_refsource_OVAL, signature, vdb-entry)
- 1027750 (vdb-entry, x_refsource_SECTRACK)
- chrome-cve-admin@google.com (x_refsource_CONFIRM)
- chrome-cve-admin@google.com (x_refsource_CONFIRM)
- MS12-075 (x_refsource_MS, vendor-advisory)
- 51239 (x_refsource_SECUNIA, third-party-advisory)
Frequently asked questions
- What is CVE-2012-2897?
- CVE-2012-2897 is a high-severity vulnerability in Google Chrome, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2012-09-26.
- How severe is CVE-2012-2897?
- High severity. CVSS v3 base score is 7.8 out of 10.