Vulnerability in Google Chrome

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to o…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.043 (89.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2012-4929?
CVE-2012-4929 is a vulnerability in Google Chrome, classified under Cryptographic Issues. Published 2012-09-15.
Is CVE-2012-4929 known to be exploited?
63 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.