CVE-2012-2899

Published Jan 5, 2014
Last updated a year ago
CVSS info 4.3
Overview

Description: Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.
Source: chrome-cve-admin@google.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9717017-30FA-4B12-BAE7-14A61831F2AB",
            "versionEndIncluding": "21.0.1180.81"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "767C0C1A-EAC4-4F98-9E80-CFDA5069F118"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E2554F0-0DEB-41A0-A595-6A524F9EC001"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F542051-CEED-45A4-BB83-937069D07CB2"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC926FFC-EF03-46F0-B5B5-02B34571D6C4"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24849FF0-F873-4365-9B82-F16AD7F4A291"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E784307-0538-4524-94EA-A88B1ABD0E2E"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5655EFE7-69CB-469F-A00A-D6F3F7F492E4"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3B22D68-9E32-4566-8ED1-F1CE87903F98"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40DB1183-DFF5-4251-BCDF-2F7696ABBFA0"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BD5341A-E508-4E5B-B03F-677D97E5A464"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E096479F-4C69-445A-8C2B-7201896F401B"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25756B8C-FBEB-4D7F-99E6-EA7D27B07B39"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41371794-2083-4188-90BE-506419DC0B82"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51FF3E52-3E8E-4D2F-ABA3-B7D83219D723"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "981570FA-6B44-49A8-9C9B-7D5127E90F6C"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D2B7FE-2B20-47CA-9B3C-B726E21659E8"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "858BDFA4-E9CB-4537-ABA7-4283318CA501"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76D0CD04-8EF4-4B6A-BD4F-1DFCDDDD4DED"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E912B5D-81F3-4A93-A0E6-B1CFDE2B46EE"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B578A2BC-9360-428C-9AFE-DC9DB9E0A621"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DCB6048-5A18-4FD6-A21B-95B595CF943C"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28882288-859D-425C-8BA3-F46D058B61D6"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444AD7BB-FE0B-4A51-BA89-EE2647F4E8AE"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0692DD3-562D-4BE7-BB61-1549EFFF9CD5"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.57:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FF70696-70A8-4DFA-A0C3-172A103F3F24"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25241621-CBB0-4E39-B901-2F70EE476722"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1355883C-C184-46C1-9CF7-AA59B0FC61B7"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB090D01-9F7E-49CF-8356-80CC03999121"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A37AB354-581C-42CA-B8E9-9AEAC0B326AF"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "885EFC87-061C-4EEF-880A-68D7D53BACDA"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D58B0932-1DF3-4308-8D82-B20564E974F8"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.68:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8FAD1E6-788F-4295-BFD2-F3CE99B14934"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.69:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF8AB897-7A45-4360-AFA7-EB7C8690ADD9"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EF0FA83-C464-4270-A4E8-1441DF4ECFAD"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86B70015-F651-467C-A846-5C97772D91EA"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C07A549D-48EF-434C-ABBA-0FF7078060D7"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B573E86E-3512-4DB9-911E-1B27A3BB69DC"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.74:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2BDB997-D125-4B5D-9680-9AED7D89FD0A"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BAF7E49-6795-4848-AADD-40D8B2D5F5BA"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.76:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7B244B3-86E0-4E1D-96A5-E0B9B50F2ADB"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.77:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0FF1C67-9CB7-4C78-9F3C-C88AB5A6284D"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.78:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3371BBF5-0B82-4005-96AE-9B604A2FA70B"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.79:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5916EA0D-D763-4650-9AC4-A38C6E8EB052"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:21.0.1180.80:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "443C5B0F-8FC6-40E3-AA95-BB8884176002"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:apple:ipad2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E7BFD4E0-321E-4ECB-82A5-80E9CB6E4EED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
