{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-07-31T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01.000Z", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/chromium/issues/detail?id=128163"}, {"name": "oval:org.mitre.oval:def:15653", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15653"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2012-2849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://code.google.com/p/chromium/issues/detail?id=128163", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=128163"}, {"name": "oval:org.mitre.oval:def:15653", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15653"}, {"name": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:50:05.262Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.google.com/p/chromium/issues/detail?id=128163"}, {"name": "oval:org.mitre.oval:def:15653", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15653"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2012-2849", "datePublished": "2012-08-06T15:00:00.000Z", "dateReserved": "2012-05-19T00:00:00.000Z", "dateUpdated": "2024-08-06T19:50:05.262Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "95449FAB-4F05-4CD9-AC28-050164CB52EB", "versionEndIncluding": "21.0.1180.56", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7C265F9-3170-4216-81E6-EFEDCD76F46C", "versionEndIncluding": "21.0.1180.59", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*", "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*", "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*", "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*", "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*", "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*", "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*", "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*", "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*", "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*", "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*", "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*", "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*", "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*", "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*", "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*", "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*", "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*", "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*", "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*", "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*", "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*", "matchCriteriaId": "A0692DD3-562D-4BE7-BB61-1549EFFF9CD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*", "matchCriteriaId": "5FF70696-70A8-4DFA-A0C3-172A103F3F24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:google:frame:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AFF5F06-FE87-4120-A2EE-F66CEF5D7E0E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image."}, {"lang": "es", "value": "Error (Off-by-one) en el decodificador GIF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a atacantes remotos causar una denegaci\u00f3n de servicio debido a una lectura fuera de l\u00edmites (out-of-bounds read) a trav\u00e9s de una imagen hecha a mano."}], "id": "CVE-2012-2849", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-08-06T15:55:01.570", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://code.google.com/p/chromium/issues/detail?id=128163"}, {"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15653"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://code.google.com/p/chromium/issues/detail?id=128163"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15653"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}