Vulnerability Details : CVE-2013-2836
Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Vulnerability category: Denial of service
Products affected by CVE-2013-2836
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.87:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.86:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.78:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.77:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.70:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.69:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.62:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.90:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.82:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.81:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.74:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.73:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.66:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.65:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.84:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.83:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.76:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.75:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.68:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.67:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.80:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.79:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.72:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.71:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.63:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:27.0.1453.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-2836
0.65%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-2836
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2013-2836
-
https://code.google.com/p/chromium/issues/detail?id=178581
178581 - Heap-use-after-free in BrowsingDataRemover::DoClearCache - chromium - Monorail
-
http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
Chrome Releases: Stable Channel Release
-
https://code.google.com/p/chromium/issues/detail?id=180058
180058 - Security: Loading NaCl from Web via permissive extension - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=179580
179580 - Devtools uses dangling WebContents* when extension reloads - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=170715
170715 - SIGSEGV in NotificationUIManagerImpl::CancelAllBySourceOrigin() - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=227390
227390 - ExtensionFunctionRegistry: missing check for iter != factories_.end() - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=180920
180920 - Heap-use-after-free in WebCore::ElementRuleCollector::collectMatchingRulesForList - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=225979
225979 - Heap-use-after-free in WebCore::RenderTextControl::visiblePositionForIndex - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=226012
226012 - clicking links using generated mouse events bypasses the popup blocker - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=222754
222754 - Multiple ffmpeg security issues found by j00ru. - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=178269
178269 - Heap-use-after-free in WebCore::FrameLoader::stopForUserCancel - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=173397
173397 - Heap-buffer-overflow in WTF::MemoryInstrumentation::Wrapper<WebCore::ContainerNode>::callReportMemoryUsage - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=223145
223145 - Security: <template> implementation fails to check for "template" in special list when handling "any other end tag for in body" - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=162896
162896 - Out of bounds read in WTF::String::String / WebCore::WebVTTParser::constructTreeFromToken - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=196648
196648 - IPC: destroy routes for video decoders on GpuCommandBufferStub destruction - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=223034
223034 - Heap-buffer-overflow in void media::ToInterleavedInternal<int, long> - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=181438
181438 - TransportDIB::Map doesn't validate size of mapped section on Windows - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=178761
178761 - Heap-use-after-free in WebCore::FrameView::maintainScrollPositionAtAnchor - chromium - Monorail
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16609
Repository / Oval Repository
-
https://code.google.com/p/chromium/issues/detail?id=223125
223125 - Heap-buffer-overflow in WebCore::InlineIterator::atTextParagraphSeparator - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=196571
196571 - ASSERTION FAILED: !node || node->isElementNode(), UNKNOWN in WebCore::Element::offsetParent - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=226090
226090 - Heap-use-after-free in WebCore::IDBDatabase::onComplete - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=225403
225403 - ASSERTION FAILED: ownerElement->contentFrame() == frame || !ownerElement->contentFrame(), Heap-use-after-free in WebCore::Node::isDescendantOf - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=176719
176719 - Global-buffer-overflow in cld::ProcessProbV25UniTote - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=168050
168050 - Attacker controlled size mismatch in WidgetDidReceivePaintAtSizeAck() - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=226659
226659 - Harden WTF::Vector::operator[] - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=222770
222770 - UNKNOWN in WebCore::QualifiedName* WTF::HashTable<WebCore::QualifiedName, WebCore::QualifiedName, WTF::Identity - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=241595
241595 - Tracking bug for internal security fixes for Chrome 27 release 0 - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=173672
Inloggen - Google Accounts
-
https://code.google.com/p/chromium/issues/detail?id=181375
181375 - Heap-use-after-free in WebCore::AXObjectCache::getOrCreate - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=229402
229402 - Another popunder scheme - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=178130
178130 - ASSERTION FAILED: node->treeScope() == m_oldScope, Heap-use-after-free in WebCore::TreeScopeAdopter::moveTreeToNewScope - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=222036
222036 - Heap-use-after-free in cricket::WebRtcRenderAdapter::FrameSizeChange - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=224920
224920 - ASSERTION FAILED: !object || object->isBox(), UNKNOWN in WebCore::RenderBlock::layoutBlockChildren - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=232532
232532 - use-after-free on IPC::ChannelProxy::Context::OnChannelError - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=236631
236631 - GpuProcessHost: check channel_requests_.empty() - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=177815
177815 - pepper_flash_clipboard_message_filter.cc assumed same-sized vectors from untrusted Flash process - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=231725
Inloggen - Google Accounts
-
https://code.google.com/p/chromium/issues/detail?id=196575
196575 - ASSERTION FAILED: i < size(), UNKNOWN in WebCore::RenderFrameSet::fillFromEdgeInfo - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=232389
232389 - ASSERTION FAILED: !object || object->isRenderInline(), UNKNOWN in WebCore::RenderTextTrackCue::initializeLayoutParameters - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=232865
232865 - Potential use after free in ApplyStyleCommand::splitAncestorsWithUnicodeBidi - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=174920
174920 - Heap-use-after-free in WebCore::CachedCSSStyleSheet::checkNotify - chromium - Monorail
Jump to