製品・ソフトウェアに関する情報

JVN脆弱性詳細

iPad デバイス上の iOS で稼働する Google Chrome における Omnibox URL を偽装される脆弱性

タイトル	iPad デバイス上の iOS で稼働する Google Chrome における Omnibox URL を偽装される脆弱性
概要	iPad デバイス上の iOS で稼働する Google Chrome には、Omnibox URL を偽装される脆弱性が存在します。本脆弱性は、CVE-2012-0674 と関連する問題です。
想定される影響	第三者により、SSL エラーメッセージに関する問題によって、Omnibox URL を偽装される可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2012年9月24日0:00
登録日	2014年1月8日14:27
最終更新日	2014年1月8日14:27

CVSS2.0 : 警告
スコア	5
ベクター	AV:N/AC:L/Au:N/C:N/I:P/A:N

影響を受けるシステム

Google

Google Chrome 21.0.1180.82 未満 (iPad 2)

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2012-2898	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2898
National Vulnerability Database (NVD)
2	CVE-2012-2898	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2898

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-310	https://jvndb.jvn.jp/ja/cwe/CWE-310.html

ベンダー情報

No	名前	URL
Google
1	Chrome for iOS Update	http://googlechromereleases.blogspot.jp/2012/09/chrome-for-ios-update_24.html
2	Google Chrome	http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja
3	Issue 146760	https://code.google.com/p/chromium/issues/detail?id=146760

変更履歴

No	変更内容	変更日
0	[2014年01月08日] 掲載	2018年2月17日10:37

NVD脆弱性情報

CVE-2012-2898

概要	Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibox URL via vectors involving SSL error messages, a related issue to CVE-2012-0674.
公表日	2014年1月6日5:55
登録日	2021年1月28日14:59
最終更新日	2024年11月21日10:39

影響を受けるソフトウェアの構成

構成1		以上	以下	より上	未満
cpe:2.3:a:google:chrome::::::::			21.0.1180.81
cpe:2.3:a:google:chrome:21.0.1180.0:::::::*
cpe:2.3:a:google:chrome:21.0.1180.1:::::::*
cpe:2.3:a:google:chrome:21.0.1180.2:::::::*
cpe:2.3:a:google:chrome:21.0.1180.31:::::::*
cpe:2.3:a:google:chrome:21.0.1180.32:::::::*
cpe:2.3:a:google:chrome:21.0.1180.33:::::::*
cpe:2.3:a:google:chrome:21.0.1180.34:::::::*
cpe:2.3:a:google:chrome:21.0.1180.35:::::::*
cpe:2.3:a:google:chrome:21.0.1180.36:::::::*
cpe:2.3:a:google:chrome:21.0.1180.37:::::::*
cpe:2.3:a:google:chrome:21.0.1180.38:::::::*
cpe:2.3:a:google:chrome:21.0.1180.39:::::::*
cpe:2.3:a:google:chrome:21.0.1180.41:::::::*
cpe:2.3:a:google:chrome:21.0.1180.46:::::::*
cpe:2.3:a:google:chrome:21.0.1180.47:::::::*
cpe:2.3:a:google:chrome:21.0.1180.48:::::::*
cpe:2.3:a:google:chrome:21.0.1180.49:::::::*
cpe:2.3:a:google:chrome:21.0.1180.50:::::::*
cpe:2.3:a:google:chrome:21.0.1180.51:::::::*
cpe:2.3:a:google:chrome:21.0.1180.52:::::::*
cpe:2.3:a:google:chrome:21.0.1180.53:::::::*
cpe:2.3:a:google:chrome:21.0.1180.54:::::::*
cpe:2.3:a:google:chrome:21.0.1180.55:::::::*
cpe:2.3:a:google:chrome:21.0.1180.56:::::::*
cpe:2.3:a:google:chrome:21.0.1180.57:::::::*
cpe:2.3:a:google:chrome:21.0.1180.59:::::::*
cpe:2.3:a:google:chrome:21.0.1180.60:::::::*
cpe:2.3:a:google:chrome:21.0.1180.61:::::::*
cpe:2.3:a:google:chrome:21.0.1180.62:::::::*
cpe:2.3:a:google:chrome:21.0.1180.63:::::::*
cpe:2.3:a:google:chrome:21.0.1180.64:::::::*
cpe:2.3:a:google:chrome:21.0.1180.68:::::::*
cpe:2.3:a:google:chrome:21.0.1180.69:::::::*
cpe:2.3:a:google:chrome:21.0.1180.70:::::::*
cpe:2.3:a:google:chrome:21.0.1180.71:::::::*
cpe:2.3:a:google:chrome:21.0.1180.72:::::::*
cpe:2.3:a:google:chrome:21.0.1180.73:::::::*
cpe:2.3:a:google:chrome:21.0.1180.74:::::::*
cpe:2.3:a:google:chrome:21.0.1180.75:::::::*
cpe:2.3:a:google:chrome:21.0.1180.76:::::::*
cpe:2.3:a:google:chrome:21.0.1180.77:::::::*
cpe:2.3:a:google:chrome:21.0.1180.78:::::::*
cpe:2.3:a:google:chrome:21.0.1180.79:::::::*
cpe:2.3:a:google:chrome:21.0.1180.80:::::::*
実行環境
1	cpe:2.3:h:apple:ipad2:-:::::::*

構成1		以上	以下	より上	未満
cpe:2.3:a:google:chrome::::::::			21.0.1180.81
cpe:2.3:a:google:chrome:21.0.1180.0:::::::*
cpe:2.3:a:google:chrome:21.0.1180.1:::::::*
cpe:2.3:a:google:chrome:21.0.1180.2:::::::*
cpe:2.3:a:google:chrome:21.0.1180.31:::::::*
cpe:2.3:a:google:chrome:21.0.1180.32:::::::*
cpe:2.3:a:google:chrome:21.0.1180.33:::::::*
cpe:2.3:a:google:chrome:21.0.1180.34:::::::*
cpe:2.3:a:google:chrome:21.0.1180.35:::::::*
cpe:2.3:a:google:chrome:21.0.1180.36:::::::*
cpe:2.3:a:google:chrome:21.0.1180.37:::::::*
cpe:2.3:a:google:chrome:21.0.1180.38:::::::*
cpe:2.3:a:google:chrome:21.0.1180.39:::::::*
cpe:2.3:a:google:chrome:21.0.1180.41:::::::*
cpe:2.3:a:google:chrome:21.0.1180.46:::::::*
cpe:2.3:a:google:chrome:21.0.1180.47:::::::*
cpe:2.3:a:google:chrome:21.0.1180.48:::::::*
cpe:2.3:a:google:chrome:21.0.1180.49:::::::*
cpe:2.3:a:google:chrome:21.0.1180.50:::::::*
cpe:2.3:a:google:chrome:21.0.1180.51:::::::*
cpe:2.3:a:google:chrome:21.0.1180.52:::::::*
cpe:2.3:a:google:chrome:21.0.1180.53:::::::*
cpe:2.3:a:google:chrome:21.0.1180.54:::::::*
cpe:2.3:a:google:chrome:21.0.1180.55:::::::*
cpe:2.3:a:google:chrome:21.0.1180.56:::::::*
cpe:2.3:a:google:chrome:21.0.1180.57:::::::*
cpe:2.3:a:google:chrome:21.0.1180.59:::::::*
cpe:2.3:a:google:chrome:21.0.1180.60:::::::*
cpe:2.3:a:google:chrome:21.0.1180.61:::::::*
cpe:2.3:a:google:chrome:21.0.1180.62:::::::*
cpe:2.3:a:google:chrome:21.0.1180.63:::::::*
cpe:2.3:a:google:chrome:21.0.1180.64:::::::*
cpe:2.3:a:google:chrome:21.0.1180.68:::::::*
cpe:2.3:a:google:chrome:21.0.1180.69:::::::*
cpe:2.3:a:google:chrome:21.0.1180.70:::::::*
cpe:2.3:a:google:chrome:21.0.1180.71:::::::*
cpe:2.3:a:google:chrome:21.0.1180.72:::::::*
cpe:2.3:a:google:chrome:21.0.1180.73:::::::*
cpe:2.3:a:google:chrome:21.0.1180.74:::::::*
cpe:2.3:a:google:chrome:21.0.1180.75:::::::*
cpe:2.3:a:google:chrome:21.0.1180.76:::::::*
cpe:2.3:a:google:chrome:21.0.1180.77:::::::*
cpe:2.3:a:google:chrome:21.0.1180.78:::::::*
cpe:2.3:a:google:chrome:21.0.1180.79:::::::*
cpe:2.3:a:google:chrome:21.0.1180.80:::::::*
実行環境
1	cpe:2.3:h:apple:ipad2:-:::::::*

No	URL	refsource	タグ
1	http://googlechromereleases.blogspot.com/2012/09/chrome-for-ios-update_24.html
2	http://googlechromereleases.blogspot.com/2012/09/chrome-for-ios-update_24.html
3	https://code.google.com/p/chromium/issues/detail?id=146760
4	https://code.google.com/p/chromium/issues/detail?id=146760