CVE-2012-2849

Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Published: Aug 6, 2012
Updated: Nov 9, 2025
CVE: CVE-2012-2849
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
google / chrome	-	21.0.1180.56.x
google / chrome	21.0.1180.0	21.0.1180.0.x
google / chrome	21.0.1180.1	21.0.1180.1.x
google / chrome	21.0.1180.2	21.0.1180.2.x
google / chrome	21.0.1180.31	21.0.1180.31.x
google / chrome	21.0.1180.32	21.0.1180.32.x
google / chrome	21.0.1180.33	21.0.1180.33.x
google / chrome	21.0.1180.34	21.0.1180.34.x
google / chrome	21.0.1180.35	21.0.1180.35.x
google / chrome	21.0.1180.36	21.0.1180.36.x
google / chrome	21.0.1180.37	21.0.1180.37.x
google / chrome	21.0.1180.38	21.0.1180.38.x
google / chrome	21.0.1180.39	21.0.1180.39.x
google / chrome	21.0.1180.41	21.0.1180.41.x
google / chrome	21.0.1180.46	21.0.1180.46.x
google / chrome	21.0.1180.47	21.0.1180.47.x
google / chrome	21.0.1180.48	21.0.1180.48.x
google / chrome	21.0.1180.49	21.0.1180.49.x
google / chrome	21.0.1180.50	21.0.1180.50.x
google / chrome	21.0.1180.51	21.0.1180.51.x
google / chrome	21.0.1180.52	21.0.1180.52.x
google / chrome	21.0.1180.53	21.0.1180.53.x
google / chrome	21.0.1180.54	21.0.1180.54.x
google / chrome	21.0.1180.55	21.0.1180.55.x
google / chrome	-	21.0.1180.59.x
google / chrome	21.0.1180.56	21.0.1180.56.x
google / chrome	21.0.1180.57	21.0.1180.57.x

Vulnerability Database

310,222

CVE-2012-2849

Deep Security Visibility Without the Complexity