CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities Published In 2013 (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-6640 119 DoS Overflow 2013-12-06 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index.
2 CVE-2013-6639 119 DoS Overflow 2013-12-06 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index.
3 CVE-2013-6638 119 DoS Overflow 2013-12-06 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions.
4 CVE-2013-6632 189 DoS Exec Code Overflow Mem. Corr. 2013-11-18 2014-03-05
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
5 CVE-2013-6627 119 DoS Overflow 2013-11-13 2014-03-05
5.0
None Remote Low Not required None None Partial
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.
6 CVE-2013-6623 119 DoS Overflow 2013-11-13 2014-03-05
4.3
None Remote Medium Not required None None Partial
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
7 CVE-2013-5933 119 DoS Overflow +Priv Mem. Corr. 2013-09-25 2013-09-25
6.9
None Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket.
8 CVE-2013-2920 119 DoS Overflow 2013-10-02 2014-03-05
5.0
None Remote Low Not required None None Partial
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.
9 CVE-2013-2919 119 DoS Overflow Mem. Corr. 2013-10-02 2014-03-05
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
10 CVE-2013-2917 119 DoS Overflow 2013-10-02 2014-03-05
5.0
None Remote Low Not required None None Partial
The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array.
11 CVE-2013-2907 119 DoS Overflow 2013-10-02 2014-03-05
5.0
None Remote Low Not required None None Partial
The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
12 CVE-2013-2901 189 DoS Overflow 2013-08-21 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Renderer11.cpp in Almost Native Graphics Layer Engine (ANGLE), as used in Google Chrome before 29.0.1547.57, allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
13 CVE-2013-2878 119 DoS Overflow 2013-07-10 2013-11-02
5.0
None Remote Low Not required None None Partial
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.
14 CVE-2013-2877 119 DoS Overflow 2013-07-10 2014-12-11
5.0
None Remote Low Not required None None Partial
parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.
15 CVE-2013-2875 119 DoS Overflow 2013-07-10 2014-07-02
5.0
None Remote Low Not required None None Partial
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
16 CVE-2013-2869 119 DoS Overflow 2013-07-10 2013-11-02
4.3
None Remote Medium Not required None None Partial
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.
17 CVE-2013-2864 119 DoS Overflow 2013-06-04 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The PDF functionality in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via unknown vectors.
18 CVE-2013-2863 119 DoS Exec Code Overflow Mem. Corr. 2013-06-04 2013-12-05
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
19 CVE-2013-2862 119 DoS Overflow Mem. Corr. 2013-06-04 2013-12-05
7.5
None Remote Low Not required Partial Partial Partial
Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
20 CVE-2013-2855 119 DoS Overflow Mem. Corr. 2013-06-04 2013-12-05
5.0
None Remote Low Not required None Partial None
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
21 CVE-2013-2845 119 DoS Overflow Mem. Corr. 2013-05-22 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
22 CVE-2013-2838 119 DoS Overflow 2013-05-22 2013-11-02
5.0
None Remote Low Not required None None Partial
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
23 CVE-2013-2832 119 Overflow +Info 2013-04-16 2013-04-18
5.0
None Remote Low Not required Partial None None
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors.
24 CVE-2013-0923 119 DoS Overflow Mem. Corr. 2013-03-28 2013-11-02
5.0
None Remote Low Not required None None Partial
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
25 CVE-2013-0917 119 DoS Overflow 2013-03-28 2013-11-02
5.0
None Remote Low Not required None None Partial
The URL loader in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
26 CVE-2013-0915 119 DoS Overflow 2013-03-18 2013-04-16
10.0
None Remote Low Not required Complete Complete Complete
The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."
27 CVE-2013-0906 119 DoS Overflow Mem. Corr. 2013-03-05 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
28 CVE-2013-0904 119 DoS Overflow Mem. Corr. 2013-03-05 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
29 CVE-2013-0899 189 DoS Overflow 2013-02-23 2013-11-02
5.0
None Remote Low Not required None None Partial
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.
30 CVE-2013-0896 119 DoS Overflow 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
31 CVE-2013-0894 119 DoS Overflow 2013-02-23 2013-04-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size.
32 CVE-2013-0891 189 DoS Overflow 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob.
33 CVE-2013-0890 119 DoS Overflow Mem. Corr. 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
34 CVE-2013-0888 119 DoS Overflow 2013-02-23 2013-11-02
5.0
None Remote Low Not required None None Partial
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads."
35 CVE-2013-0882 119 DoS Overflow 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters.
36 CVE-2013-0879 119 DoS Overflow Mem. Corr. 2013-02-23 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
37 CVE-2013-0843 119 DoS Overflow Mem. Corr. 2013-01-24 2013-01-30
7.5
None Remote Low Not required Partial Partial Partial
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio.
38 CVE-2013-0834 119 DoS Overflow 2013-01-15 2013-11-02
5.0
None Remote Low Not required None None Partial
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs.
39 CVE-2013-0833 119 DoS Overflow 2013-01-15 2013-11-02
5.0
None Remote Low Not required None None Partial
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing.
40 CVE-2012-5157 119 DoS Overflow 2013-01-15 2013-11-02
4.3
None Remote Medium Not required None None Partial
Google Chrome before 24.0.1312.52 does not properly handle image data in PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
41 CVE-2012-5154 189 DoS Overflow 2013-01-15 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.
42 CVE-2012-5153 119 DoS Overflow 2013-01-15 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.
43 CVE-2012-5152 119 DoS Overflow 2013-01-15 2013-11-02
5.0
None Remote Low Not required None None Partial
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data.
44 CVE-2012-5151 189 DoS Overflow 2013-01-15 2013-11-02
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document.
45 CVE-2012-5149 189 DoS Overflow 2013-01-15 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
46 CVE-2011-1352 119 Overflow +Priv Mem. Corr. 2013-02-05 2013-02-08
6.9
Admin Local Medium Not required Complete Complete Complete
The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device.
Total number of vulnerabilities : 46   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.