Remote Code Execution Vulnerability in Google Chrome 17.0.963.66 and Earlier

Remote Code Execution Vulnerability in Google Chrome 17.0.963.66 and Earlier

CVE-2012-1846 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code."

Learn more about our Cis Benchmark Audit For Google Chrome.