CVE-2012-4905

{"id": "CVE-2012-4905", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-09-13T20:55:01.603", "references": [{"url": "http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://code.google.com/p/chromium/issues/detail?id=144813", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka \"Universal XSS (UXSS).\""}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en Google Chrome antes de v18.0.1025308 en Android permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un 'extra' en un objeto 'Intent'. Se trata de un problema tambi\u00e9n conocido como \"Universal XSS (UXSS)\".\r\n"}], "lastModified": "2012-09-14T13:22:43.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AD304AD-1B29-435C-938E-DA4FCF886FEA", "versionEndIncluding": "18.0.1025306"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}