CVE-2012-5136

Published: 28 November 2012

Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.

Priority

Status

Package	Release	Status
chromium-browser Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Released (3.0.1271.97-0ubuntu0.10.04.1)
	oneiric	Released (3.0.1271.97-0ubuntu0.11.10.1)
	precise	Released (3.0.1271.97-0ubuntu0.12.04.1)
	quantal	Released (3.0.1271.97-0ubuntu0.12.10.1)
	upstream	Released (23.0.1271.91)

References

https://code.google.com/p/chromium/issues/detail?id=159829
http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html
https://www.cve.org/CVERecord?id=CVE-2012-5136
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.