Vulnerability Details : CVE-2013-2923
Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Vulnerability category: Denial of service
Products affected by CVE-2013-2923
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-2923
0.66%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-2923
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2013-2923
-
https://code.google.com/p/chromium/issues/detail?id=254728
254728 - Heap-use-after-free in WebCore::AudioBufferSourceNode::renderFromBuffer - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=264211
264211 - ASSERTION FAILED: run.charactersLength() >= run.length(), Heap-buffer-overflow in WebCore::Font::characterRangeCodePath - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=294206
294206 - Heap-use-after-free in WebCore::IDBDatabase::transactionFinished - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=288761
288761 - Heap-use-after-free in WebCore::Document::updateLayout - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=284792
284792 - FileAPIMessageFilter::OnOpenFile opens files with greater permissions than checked - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html
[security-announce] openSUSE-SU-2013:1556-1: important: chromium: 30.0.1
-
https://code.google.com/p/chromium/issues/detail?id=257852
257852 - FileUtilitiesMessageFilter::OnOpenFile insufficient permission checks - chromium - Monorail
-
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
openSUSE-SU-2014:0065-1: moderate: update for chromium
-
https://code.google.com/p/chromium/issues/detail?id=294202
294202 - ASSERTION FAILED: hasRareData(), UNKNOWN in WebCore::Node::rareData - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=299016
299016 - Tracking bug for internal security fixes for Chrome 30, Release 0 - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=285380
285380 - Heap-use-after-free in content::QuotaDispatcherHost::RequestQuotaDispatcher::DidFinish - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=276111
276111 - ASSERTION FAILED: splineIndex < m_keySplines.size(), UNKNOWN in WebCore::SVGAnimationElement::calculatePercentForSpline - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=266593
266593 - ASSERTION FAILED: !element || element->hasTagName(summaryTag), UNKNOWN in WebCore::DetailsMarkerControl::summaryElement - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=277656
277656 - ASSERT: isDocumentLifecycleObserver()ASAN:SIGSEGV, UNKNOWN in WebCore::DocumentLifecycleNotifier::notifyDocumentWasDisposed - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=265731
265731 - Security: mach_override_ptr maps rwx pages at fixed address and leaves PROT_WRITE on text pages - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=279286
279286 - ASSERT: Bad cast from CSSInitialValue to CSSValueList., UNKNOWN in WebCore::CSSValue::isCFCSSValueList - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=288771
288771 - Heap-use-after-free in WebCore::SVGMatrixV8Internal::rotateMethodCallback - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=237800
237800 - use-after-free on WebCore::MajorGCWrapperVisitor::VisitPersistentHandle - chromium - Monorail
-
http://www.debian.org/security/2013/dsa-2785
Debian -- Security Information -- DSA-2785-1 chromium-browser
-
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html
Chrome Releases: Stable Channel Update
-
https://code.google.com/p/chromium/issues/detail?id=289648
289648 - Security: work around user gesture requirement - chromium - Monorail
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18103
Repository / Oval Repository
-
https://code.google.com/p/chromium/issues/detail?id=293521
293521 - Heap-use-after-free in WebCore::CSSFontSelector::dispatchInvalidationCallbacks - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
[security-announce] openSUSE-SU-2013:1861-1: important: chromium: update
-
https://code.google.com/p/chromium/issues/detail?id=294023
294023 - Heap-buffer-overflow in bool WebCore::SelectorChecker::checkOne<WebCore::DOMSiblingTraversalStrategy> - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=267068
267068 - Heap-use-after-free in WebCore::HTMLFormControlsCollectionV8Internal::indexedPropertyGetterCallback - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=269835
269835 - Heap-buffer-overflow in office::doc::BxPap::Init - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=274020
274020 - Security: Blocked popups can navigate anywhere once unblocked - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=278366
278366 - Security: Page can DDOS and crash browser: while (1) window.open() - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=265493
265493 - use-after-free on content::GpuVideoDecodeAcceleratorHost::OnErrorNotification - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=260138
260138 - Heap-use-after-free in WebCore::ElementShadow::removeAllShadowRoots - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=246724
246724 - Security: Ensure that all request types use pinning - chromium - Monorail
Jump to