CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities Published In 2013 (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-6632 189 DoS Exec Code Overflow Mem. Corr. 2013-11-18 2014-03-05
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
2 CVE-2013-6631 DoS Mem. Corr. 2013-11-18 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.
3 CVE-2013-5933 119 DoS Overflow +Priv Mem. Corr. 2013-09-25 2013-09-25
6.9
None Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket.
4 CVE-2013-2919 119 DoS Overflow Mem. Corr. 2013-10-02 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
5 CVE-2013-2863 119 DoS Exec Code Overflow Mem. Corr. 2013-06-04 2013-12-05
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
6 CVE-2013-2862 119 DoS Overflow Mem. Corr. 2013-06-04 2013-12-05
7.5
None Remote Low Not required Partial Partial Partial
Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
7 CVE-2013-2855 119 DoS Overflow Mem. Corr. 2013-06-04 2013-12-05
5.0
None Remote Low Not required None Partial None
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
8 CVE-2013-2845 119 DoS Overflow Mem. Corr. 2013-05-22 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
9 CVE-2013-0923 119 DoS Overflow Mem. Corr. 2013-03-28 2013-11-02
5.0
None Remote Low Not required None None Partial
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
10 CVE-2013-0906 119 DoS Overflow Mem. Corr. 2013-03-05 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
11 CVE-2013-0904 119 DoS Overflow Mem. Corr. 2013-03-05 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
12 CVE-2013-0890 119 DoS Overflow Mem. Corr. 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
13 CVE-2013-0879 119 DoS Overflow Mem. Corr. 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
14 CVE-2013-0843 119 DoS Overflow Mem. Corr. 2013-01-24 2013-01-30
7.5
None Remote Low Not required Partial Partial Partial
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio.
15 CVE-2011-1352 119 Overflow +Priv Mem. Corr. 2013-02-05 2013-02-08
6.9
Admin Local Medium Not required Complete Complete Complete
The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device.
Total number of vulnerabilities : 15   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.