Unknown
CVE-2012-2897
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
CVE-2012-2897
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka “Windows Font Parsing Vulnerability” or “TrueType Font Parsing Vulnerability.”
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Products
- chrome,
- chrome 22.0.1229.0,
- chrome 22.0.1229.1,
- chrome 22.0.1229.10,
- chrome 22.0.1229.11,
- chrome 22.0.1229.12,
- chrome 22.0.1229.14,
- chrome 22.0.1229.16,
- chrome 22.0.1229.17,
- chrome 22.0.1229.18,
- chrome 22.0.1229.2,
- chrome 22.0.1229.20,
- chrome 22.0.1229.21,
- chrome 22.0.1229.22,
- chrome 22.0.1229.23,
- chrome 22.0.1229.24,
- chrome 22.0.1229.25,
- chrome 22.0.1229.26,
- chrome 22.0.1229.27,
- chrome 22.0.1229.28,
- chrome 22.0.1229.29,
- chrome 22.0.1229.3,
- chrome 22.0.1229.31,
- chrome 22.0.1229.32,
- chrome 22.0.1229.33,
- chrome 22.0.1229.35,
- chrome 22.0.1229.36,
- chrome 22.0.1229.37,
- chrome 22.0.1229.39,
- chrome 22.0.1229.4,
- chrome 22.0.1229.48,
- chrome 22.0.1229.49,
- chrome 22.0.1229.50,
- chrome 22.0.1229.51,
- chrome 22.0.1229.52,
- chrome 22.0.1229.53,
- chrome 22.0.1229.54,
- chrome 22.0.1229.55,
- chrome 22.0.1229.56,
- chrome 22.0.1229.57,
- chrome 22.0.1229.58,
- chrome 22.0.1229.59,
- chrome 22.0.1229.6,
- chrome 22.0.1229.60,
- chrome 22.0.1229.62,
- chrome 22.0.1229.63,
- chrome 22.0.1229.64,
- chrome 22.0.1229.65,
- chrome 22.0.1229.67,
- chrome 22.0.1229.7,
- chrome 22.0.1229.76,
- chrome 22.0.1229.8,
- chrome 22.0.1229.9,
- windows 7 -,
- windows 8 -,
- windows rt -,
- windows server 2003,
- windows server 2008,
- windows server 2008 -,
- windows server 2012 -,
- windows vista,
- windows vista -,
- windows xp,
- windows xp -
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
