Lucene search

[email protected]CVE-2013-6802

HistoryNov 18, 2013 - 5:23 a.m.

CVE-2013-6802

2013-11-1805:23:57

CWE-264

[email protected]

web.nvd.nist.gov

google chrome

sandbox restrictions

cve-2013-6802

renderer process

pacsec 2013

nvd

6.2 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.02 Low

EPSS

Percentile

89.0%

JSON

Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.

Affected configurations

NVD

Node

googlechromeRange≤31.0.1650.57

CPENameOperatorVersion
google:chromegoogle chromele31.0.1650.57

CPE	Name	Operator	Version
google:chrome	google chrome	le	31.0.1650.57

References

googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html

googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html

www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/

code.google.com/p/chromium/issues/detail?id=319117

code.google.com/p/chromium/issues/detail?id=319125

exchange.xforce.ibmcloud.com/vulnerabilities/89201

6.2 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.02 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2013-6802

openvas13 debiancve2 nessus11 prion2 nvd2 ubuntucve2 cvelist2 cve1 chrome2 freebsd1 mageia1 osv1 suse3 debian2 securityvulns2 gentoo1