CVE-2012-5138
First published: Tue Dec 04 2012(Updated: )
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
Credit: cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome (Trace Event) | <=23.0.1271.94 | |
| Google Chrome (Trace Event) | =23.0.1271.0 | |
| Google Chrome (Trace Event) | =23.0.1271.1 | |
| Google Chrome (Trace Event) | =23.0.1271.2 | |
| Google Chrome (Trace Event) | =23.0.1271.3 | |
| Google Chrome (Trace Event) | =23.0.1271.4 | |
| Google Chrome (Trace Event) | =23.0.1271.5 | |
| Google Chrome (Trace Event) | =23.0.1271.6 | |
| Google Chrome (Trace Event) | =23.0.1271.7 | |
| Google Chrome (Trace Event) | =23.0.1271.8 | |
| Google Chrome (Trace Event) | =23.0.1271.9 | |
| Google Chrome (Trace Event) | =23.0.1271.10 | |
| Google Chrome (Trace Event) | =23.0.1271.11 | |
| Google Chrome (Trace Event) | =23.0.1271.12 | |
| Google Chrome (Trace Event) | =23.0.1271.13 | |
| Google Chrome (Trace Event) | =23.0.1271.14 | |
| Google Chrome (Trace Event) | =23.0.1271.15 | |
| Google Chrome (Trace Event) | =23.0.1271.16 | |
| Google Chrome (Trace Event) | =23.0.1271.17 | |
| Google Chrome (Trace Event) | =23.0.1271.18 | |
| Google Chrome (Trace Event) | =23.0.1271.19 | |
| Google Chrome (Trace Event) | =23.0.1271.20 | |
| Google Chrome (Trace Event) | =23.0.1271.21 | |
| Google Chrome (Trace Event) | =23.0.1271.22 | |
| Google Chrome (Trace Event) | =23.0.1271.23 | |
| Google Chrome (Trace Event) | =23.0.1271.24 | |
| Google Chrome (Trace Event) | =23.0.1271.26 | |
| Google Chrome (Trace Event) | =23.0.1271.30 | |
| Google Chrome (Trace Event) | =23.0.1271.31 | |
| Google Chrome (Trace Event) | =23.0.1271.32 | |
| Google Chrome (Trace Event) | =23.0.1271.33 | |
| Google Chrome (Trace Event) | =23.0.1271.35 | |
| Google Chrome (Trace Event) | =23.0.1271.36 | |
| Google Chrome (Trace Event) | =23.0.1271.37 | |
| Google Chrome (Trace Event) | =23.0.1271.38 | |
| Google Chrome (Trace Event) | =23.0.1271.39 | |
| Google Chrome (Trace Event) | =23.0.1271.40 | |
| Google Chrome (Trace Event) | =23.0.1271.41 | |
| Google Chrome (Trace Event) | =23.0.1271.44 | |
| Google Chrome (Trace Event) | =23.0.1271.45 | |
| Google Chrome (Trace Event) | =23.0.1271.46 | |
| Google Chrome (Trace Event) | =23.0.1271.49 | |
| Google Chrome (Trace Event) | =23.0.1271.50 | |
| Google Chrome (Trace Event) | =23.0.1271.51 | |
| Google Chrome (Trace Event) | =23.0.1271.52 | |
| Google Chrome (Trace Event) | =23.0.1271.53 | |
| Google Chrome (Trace Event) | =23.0.1271.54 | |
| Google Chrome (Trace Event) | =23.0.1271.55 | |
| Google Chrome (Trace Event) | =23.0.1271.56 | |
| Google Chrome (Trace Event) | =23.0.1271.57 | |
| Google Chrome (Trace Event) | =23.0.1271.58 | |
| Google Chrome (Trace Event) | =23.0.1271.59 | |
| Google Chrome (Trace Event) | =23.0.1271.60 | |
| Google Chrome (Trace Event) | =23.0.1271.61 | |
| Google Chrome (Trace Event) | =23.0.1271.62 | |
| Google Chrome (Trace Event) | =23.0.1271.64 | |
| Google Chrome (Trace Event) | =23.0.1271.83 | |
| Google Chrome (Trace Event) | =23.0.1271.84 | |
| Google Chrome (Trace Event) | =23.0.1271.85 | |
| Google Chrome (Trace Event) | =23.0.1271.86 | |
| Google Chrome (Trace Event) | =23.0.1271.87 | |
| Google Chrome (Trace Event) | =23.0.1271.88 | |
| Google Chrome (Trace Event) | =23.0.1271.89 | |
| Google Chrome (Trace Event) | =23.0.1271.91 | |
| Google Chrome (Trace Event) | =23.0.1271.92 | |
| Google Chrome (Trace Event) | =23.0.1271.93 | |
| SUSE Linux | =12.1 | |
| SUSE Linux | =12.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html
- http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html
- http://secunia.com/advisories/51447
- http://www.securityfocus.com/bid/56741
- https://code.google.com/p/chromium/issues/detail?id=161564
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15638
Frequently Asked Questions
What is the severity of CVE-2012-5138?
The severity of CVE-2012-5138 is considered moderate due to unspecified impacts and potential attack vectors.
How do I fix CVE-2012-5138?
To fix CVE-2012-5138, users should update Google Chrome to version 23.0.1271.95 or later.
Which versions of Google Chrome are affected by CVE-2012-5138?
CVE-2012-5138 affects Google Chrome versions prior to 23.0.1271.95.
Can CVE-2012-5138 be exploited remotely?
Yes, CVE-2012-5138 may be exploitable remotely due to its impact on file path handling.
What type of vulnerability is CVE-2012-5138 classified as?
CVE-2012-5138 is classified as a path traversal vulnerability.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/google chrome (trace event)
- version/google chrome (trace event)/23.0.1271.94
- version/google chrome (trace event)/23.0.1271.0
- version/google chrome (trace event)/23.0.1271.1
- version/google chrome (trace event)/23.0.1271.2
- version/google chrome (trace event)/23.0.1271.3
- version/google chrome (trace event)/23.0.1271.4
- version/google chrome (trace event)/23.0.1271.5
- version/google chrome (trace event)/23.0.1271.6
- version/google chrome (trace event)/23.0.1271.7
- version/google chrome (trace event)/23.0.1271.8
- version/google chrome (trace event)/23.0.1271.9
- version/google chrome (trace event)/23.0.1271.10
- version/google chrome (trace event)/23.0.1271.11
- version/google chrome (trace event)/23.0.1271.12
- version/google chrome (trace event)/23.0.1271.13
- version/google chrome (trace event)/23.0.1271.14
- version/google chrome (trace event)/23.0.1271.15
- version/google chrome (trace event)/23.0.1271.16
- version/google chrome (trace event)/23.0.1271.17
- version/google chrome (trace event)/23.0.1271.18
- version/google chrome (trace event)/23.0.1271.19
- version/google chrome (trace event)/23.0.1271.20
- version/google chrome (trace event)/23.0.1271.21
- version/google chrome (trace event)/23.0.1271.22
- version/google chrome (trace event)/23.0.1271.23
- version/google chrome (trace event)/23.0.1271.24
- version/google chrome (trace event)/23.0.1271.26
- version/google chrome (trace event)/23.0.1271.30
- version/google chrome (trace event)/23.0.1271.31
- version/google chrome (trace event)/23.0.1271.32
- version/google chrome (trace event)/23.0.1271.33
- version/google chrome (trace event)/23.0.1271.35
- version/google chrome (trace event)/23.0.1271.36
- version/google chrome (trace event)/23.0.1271.37
- version/google chrome (trace event)/23.0.1271.38
- version/google chrome (trace event)/23.0.1271.39
- version/google chrome (trace event)/23.0.1271.40
- version/google chrome (trace event)/23.0.1271.41
- version/google chrome (trace event)/23.0.1271.44
- version/google chrome (trace event)/23.0.1271.45
- version/google chrome (trace event)/23.0.1271.46
- version/google chrome (trace event)/23.0.1271.49
- version/google chrome (trace event)/23.0.1271.50
- version/google chrome (trace event)/23.0.1271.51
- version/google chrome (trace event)/23.0.1271.52
- version/google chrome (trace event)/23.0.1271.53
- version/google chrome (trace event)/23.0.1271.54
- version/google chrome (trace event)/23.0.1271.55
- version/google chrome (trace event)/23.0.1271.56
- version/google chrome (trace event)/23.0.1271.57
- version/google chrome (trace event)/23.0.1271.58
- version/google chrome (trace event)/23.0.1271.59
- version/google chrome (trace event)/23.0.1271.60
- version/google chrome (trace event)/23.0.1271.61
- version/google chrome (trace event)/23.0.1271.62
- version/google chrome (trace event)/23.0.1271.64
- version/google chrome (trace event)/23.0.1271.83
- version/google chrome (trace event)/23.0.1271.84
- version/google chrome (trace event)/23.0.1271.85
- version/google chrome (trace event)/23.0.1271.86
- version/google chrome (trace event)/23.0.1271.87
- version/google chrome (trace event)/23.0.1271.88
- version/google chrome (trace event)/23.0.1271.89
- version/google chrome (trace event)/23.0.1271.91
- version/google chrome (trace event)/23.0.1271.92
- version/google chrome (trace event)/23.0.1271.93
- vendor/opensuse
- canonical/suse linux
- version/suse linux/12.1
- version/suse linux/12.2