CVE-2012-1845

Priority
Medium
Description
Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier
allows remote attackers to bypass the DEP and ASLR protection mechanisms,
and execute arbitrary code, via unspecified vectors, as demonstrated by
VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary
affected product may be clarified later; it was not identified by the
researcher, who reportedly stated "it really doesn't matter if it's
third-party code."
References
Notes
 jdstrand> VUPEN won't release the exploit to Google to fix it, and access to
  the exploit is behind a paywall, so there is nothing to do. Marking deferred
  for now. Will re-open if new information is available.
Package
Upstream:needed
Ubuntu 12.04 LTS (Precise Pangolin):deferred
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:40:36 UTC (commit 9756)