Vulnerability Details : CVE-2013-2931
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors.
Vulnerability category: Execute code
Products affected by CVE-2013-2931
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-2931
1.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-2931
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2013-2931
-
https://code.google.com/p/chromium/issues/detail?id=314225
314225 - Heap-buffer-overflow in Null_Cipher - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=315823
315823 - Tracking bug for internal security fixes for Chrome 31, Release 0 - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
[security-announce] openSUSE-SU-2013:1777-1: important: chromium: update
-
https://code.google.com/p/chromium/issues/detail?id=299993
299993 - ASSERTION FAILED: obj->isRenderInline() || obj == this, UNKNOWN in WebCore::RenderBlock::createLineBoxes - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=264574
264574 - ASSERTION FAILED: !renderer->needsLayout(), Heap-use-after-free in WebCore::RenderBlock::LineBreaker::nextSegmentBreak - chromium - Monorail
-
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
openSUSE-SU-2014:0065-1: moderate: update for chromium
-
https://code.google.com/p/chromium/issues/detail?id=296276
296276 - Heap-use-after-free in WebCore::SVGMatrixV8Internal::aAttributeSetterCallback - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=306255
306255 - content_shell crash with --dump-render-tree and non-ASCII content - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=296804
296804 - Heap-use-after-free in webrtc::voe::Channel::SendRTCPPacket - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=297556
297556 - Heap-use-after-free in content::IndexedDBBackingStore::Transaction::Begin - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=299835
299835 - libjpeg_turbo huffval infoleak - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=286368
286368 - ASSERT: Bad cast from Element to HTMLDetailsElement., UNKNOWN in Bad cast from Element to HTMLDetailsElement - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=304226
304226 - Security: Address bar spoofing on Android with window.open() + 204 No Content - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=285578
285578 - Heap-use-after-free in gpu::CommandBufferHelper::~CommandBufferHelper - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=263255
263255 - Heap-use-after-free in WebCore::RenderBlock::checkFloatsInCleanLine - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=258723
258723 - Security: JPEG info leak - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=302810
302810 - ASSERT: Bad cast from Event to TouchEvent., UNKNOWN in Bad cast from Event to TouchEvent - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=282738
282738 - ASSERTION FAILED: offset + length <= m_length, UNKNOWN in WebCore::InlineTextBox::constructTextRun - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
[security-announce] openSUSE-SU-2013:1861-1: important: chromium: update
-
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
Chrome Releases: Stable Channel Update
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
[security-announce] openSUSE-SU-2013:1776-1: important: chromium: 31.0.1
-
http://www.debian.org/security/2013/dsa-2799
Debian -- Security Information -- DSA-2799-1 chromium-browser
-
https://code.google.com/p/chromium/issues/detail?id=271235
271235 - ASSERTION FAILED: index < static_cast<unsigned>(length()), UNKNOWN in WebCore::TextIterator::characterAt - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=303232
303232 - ASSERT: Bad cast from Event to GestureEvent., UNKNOWN in Bad cast from Event to GestureEvent - chromium - Monorail
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19183
Repository / Oval Repository
Jump to