Lucene search
HistoryMay 22, 2013 - 1:29 p.m.
CVE-2013-2842
cve-2013-2842
google chrome
vulnerability
denial of service
remote attackers
widgets
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.038 Low
EPSS
Percentile
91.9%
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.
Affected configurations
Node
appleiphone_osRange≤6.1.4
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.1
ORappleiphone_osMatch5.1.1
ORappleiphone_osMatch6.0
ORappleiphone_osMatch6.0.1
ORappleiphone_osMatch6.0.2
ORappleiphone_osMatch6.1
ORappleiphone_osMatch6.1.2
ORappleiphone_osMatch6.1.3
Node
googlechromeRange≤27.0.1453.91
ORgooglechromeMatch27.0.1453.0
ORgooglechromeMatch27.0.1453.1
ORgooglechromeMatch27.0.1453.2
ORgooglechromeMatch27.0.1453.3
ORgooglechromeMatch27.0.1453.4
ORgooglechromeMatch27.0.1453.5
ORgooglechromeMatch27.0.1453.6
ORgooglechromeMatch27.0.1453.7
ORgooglechromeMatch27.0.1453.8
ORgooglechromeMatch27.0.1453.9
ORgooglechromeMatch27.0.1453.10
ORgooglechromeMatch27.0.1453.11
ORgooglechromeMatch27.0.1453.12
ORgooglechromeMatch27.0.1453.13
ORgooglechromeMatch27.0.1453.15
ORgooglechromeMatch27.0.1453.34
ORgooglechromeMatch27.0.1453.35
ORgooglechromeMatch27.0.1453.36
ORgooglechromeMatch27.0.1453.37
ORgooglechromeMatch27.0.1453.38
ORgooglechromeMatch27.0.1453.39
ORgooglechromeMatch27.0.1453.40
ORgooglechromeMatch27.0.1453.41
ORgooglechromeMatch27.0.1453.42
ORgooglechromeMatch27.0.1453.43
ORgooglechromeMatch27.0.1453.44
ORgooglechromeMatch27.0.1453.45
ORgooglechromeMatch27.0.1453.46
ORgooglechromeMatch27.0.1453.47
ORgooglechromeMatch27.0.1453.49
ORgooglechromeMatch27.0.1453.50
ORgooglechromeMatch27.0.1453.51
ORgooglechromeMatch27.0.1453.52
ORgooglechromeMatch27.0.1453.54
ORgooglechromeMatch27.0.1453.55
ORgooglechromeMatch27.0.1453.56
ORgooglechromeMatch27.0.1453.57
ORgooglechromeMatch27.0.1453.58
ORgooglechromeMatch27.0.1453.59
ORgooglechromeMatch27.0.1453.60
ORgooglechromeMatch27.0.1453.61
ORgooglechromeMatch27.0.1453.62
ORgooglechromeMatch27.0.1453.63
ORgooglechromeMatch27.0.1453.64
ORgooglechromeMatch27.0.1453.65
ORgooglechromeMatch27.0.1453.66
ORgooglechromeMatch27.0.1453.67
ORgooglechromeMatch27.0.1453.68
ORgooglechromeMatch27.0.1453.69
ORgooglechromeMatch27.0.1453.70
ORgooglechromeMatch27.0.1453.71
ORgooglechromeMatch27.0.1453.72
ORgooglechromeMatch27.0.1453.73
ORgooglechromeMatch27.0.1453.74
ORgooglechromeMatch27.0.1453.75
ORgooglechromeMatch27.0.1453.76
ORgooglechromeMatch27.0.1453.77
ORgooglechromeMatch27.0.1453.78
ORgooglechromeMatch27.0.1453.79
ORgooglechromeMatch27.0.1453.80
ORgooglechromeMatch27.0.1453.81
ORgooglechromeMatch27.0.1453.82
ORgooglechromeMatch27.0.1453.83
ORgooglechromeMatch27.0.1453.84
ORgooglechromeMatch27.0.1453.85
ORgooglechromeMatch27.0.1453.86
ORgooglechromeMatch27.0.1453.87
ORgooglechromeMatch27.0.1453.88
ORgooglechromeMatch27.0.1453.89
ORgooglechromeMatch27.0.1453.90
References
googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
lists.apple.com/archives/security-announce/2013/Oct/msg00003.html
lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
secunia.com/advisories/54886
support.apple.com/kb/HT5934
support.apple.com/kb/HT6001
www.debian.org/security/2013/dsa-2695
code.google.com/p/chromium/issues/detail?id=226696
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15914
Related
nvd
nvd
CVE-2013-2842
2013-05-22 13:29:56
debiancve
debiancve
CVE-2013-2842
2013-05-22 13:29:00
cvelist
cvelist
CVE-2013-2842
2013-05-22 10:00:00
ubuntucve
ubuntucve
CVE-2013-2842
2013-05-22 00:00:00
prion
prion
Design/Logic Flaw
2013-05-22 13:29:00
debian
debian
[SECURITY] [DSA 2695-1] chromium-browser security update
2013-05-29 14:23:54
[SECURITY] [DSA 2695-1] chromium-browser security update
2013-05-29 14:23:54
openvas
openvas
Debian Security Advisory DSA 2695-1 (chromium-browser - several issues)
2013-05-29 00:00:00
Google Chrome Multiple Vulnerabilities-01 (May 2013) - Windows
2013-05-24 00:00:00
Google Chrome Multiple Vulnerabilities-01 (May 2013) - Mac OS X
2013-05-24 00:00:00
osv
osv
chromium-browser - several
2013-05-29 00:00:00
chrome
chrome
Stable Channel Release
2013-05-21 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (358133b5-c2b9-11e2-a738-00262d5ed8ee)
2013-05-23 00:00:00
Debian DSA-2695-1 : chromium-browser - several issues
2013-05-30 00:00:00
Google Chrome < 27.0.1453.93 Multiple Vulnerabilities
2013-05-23 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2695-1] chromium-browser security update
2013-06-05 00:00:00
Apple iTunes multiple security vulnerabilities
2014-01-29 00:00:00
Chromium / Google Chrome multiple security vulnerabilities
2013-06-17 00:00:00
threatpost
threatpost
Google Fixes More Than a Dozen Flaws in Chrome 27
2013-05-21 13:33:28
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-05-21 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fixes security vulnerabilities
2013-07-01 23:12:57
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.038 Low
EPSS
Percentile
91.9%
Related for CVE-2013-2842