QwikSec

Security Database

CVE

CWE

Training

CVE-2012-5376

Published: Oct 11, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oval:org.mitre.oval:def:15156

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

http://code.google.com/p/chromium/issues/detail?id=154983

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_6105.html

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html

x_refsource_CONFIRM

http://code.google.com/p/chromium/issues/detail?id=154987

x_refsource_CONFIRM

google-chrome-ipc-sec-bypass(79186)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.