Vulnerability Details : CVE-2013-6636
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.
Vulnerability category: Input validation
Products affected by CVE-2013-6636
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.47:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-6636
0.75%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-6636
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2013-6636
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-6636
-
http://www.debian.org/security/2013/dsa-2811
Debian -- Security Information -- DSA-2811-1 chromium-browser
-
https://code.google.com/p/chromium/issues/detail?id=322959
322959 - URL Spoof Vulnerability - chromium - Monorail
-
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
openSUSE-SU-2014:0065-1: moderate: update for chromium
-
http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
openSUSE-SU-2013:1927-1: moderate: update for chromium
-
http://www.securitytracker.com/id/1029442
Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code, Conduct Session Fixation Attacks, and Spoof the Address Bar - SecurityTracker
-
https://src.chromium.org/viewvc/blink?revision=162673&view=revision
[blink] Revision 162673Patch
-
http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
openSUSE-SU-2013:1933-1: moderate: update for chromium
-
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
Jump to