Lucene search

K
cveChromeCVE-2019-13753
HistoryDec 10, 2019 - 10:15 p.m.

CVE-2019-13753

2019-12-1022:15:15
CWE-125
Chrome
web.nvd.nist.gov
258
cve-2019-13753
google chrome
sqlite
out of bounds read
remote attacker
information security
vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.007

Percentile

81.0%

Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Affected configurations

Nvd
Vulners
Node
googlechromeRange<79.0.3945.79
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
OR
fedoraprojectfedoraMatch30
OR
fedoraprojectfedoraMatch31
Node
redhatenterprise_linux_desktopMatch6.0x64
OR
redhatenterprise_linux_desktopMatch6.0x86
OR
redhatenterprise_linux_for_scientific_computingMatch6.0x64
OR
redhatenterprise_linux_for_scientific_computingMatch6.0x86
OR
redhatenterprise_linux_serverMatch6.0x64
OR
redhatenterprise_linux_serverMatch6.0x86
OR
redhatenterprise_linux_workstationMatch6.0x64
OR
redhatenterprise_linux_workstationMatch6.0x86
Node
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.10
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
fedoraprojectfedora30cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
fedoraprojectfedora31cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
redhatenterprise_linux_desktop6.0cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*
redhatenterprise_linux_desktop6.0cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x86:*
redhatenterprise_linux_for_scientific_computing6.0cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x64:*
redhatenterprise_linux_for_scientific_computing6.0cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x86:*
redhatenterprise_linux_server6.0cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x64:*
Rows per page:
1-10 of 171

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "79.0.3945.79",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.007

Percentile

81.0%