FreeBSDDFD92CB2-7D48-11E2-AD48-00262D5ED8EEchromium -- multiple vulnerabilities
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
87.6%
Google Chrome Releases reports:
[172243] High CVE-2013-0879: Memory corruption with web audio
node. Credit to Atte Kettunen of OUSPG.
[171951] High CVE-2013-0880: Use-after-free in database handling.
Credit to Chamal de Silva.
[167069] Medium CVE-2013-0881: Bad read in Matroska handling.
Credit to Atte Kettunen of OUSPG.
[165432] High CVE-2013-0882: Bad memory access with excessive SVG
parameters. Credit to Renata Hodovan.
[142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte
Kettunen of OUSPG.
[172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to
Google Chrome Security Team (Chris Evans).
[172369] Medium CVE-2013-0885: Too many API permissions granted to
web store.
[171065] [170836] Low CVE-2013-0887: Developer tools process has
too many permissions and places too much trust in the connected
server.
[170666] Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit
to Google Chrome Security Team (Inferno).
[170569] Low CVE-2013-0889: Tighten user gesture check for
dangerous file downloads.
[169973] [169966] High CVE-2013-0890: Memory safety issues across
the IPC layer. Credit to Google Chrome Security Team (Chris
Evans).
[169685] High CVE-2013-0891: Integer overflow in blob handling.
Credit to Google Chrome Security Team (JΓΒΌri Aedla).
[169295] [168710] [166493] [165836] [165747] [164958] [164946]
Medium CVE-2013-0892: Lower severity issues across the IPC layer.
Credit to Google Chrome Security Team (Chris Evans).
[168570] Medium CVE-2013-0893: Race condition in media handling.
Credit to Andrew Scherkus of the Chromium development community.
[168473] High CVE-2013-0894: Buffer overflow in vorbis decoding.
Credit to Google Chrome Security Team (Inferno).
[Linux / Mac] [167840] High CVE-2013-0895: Incorrect path handling
in file copying. Credit to Google Chrome Security Team (JΓΒΌri
Aedla).
[166708] High CVE-2013-0896: Memory management issues in plug-in
message handling. Credit to Google Chrome Security Team (Cris
Neckar).
[165537] Low CVE-2013-0897: Off-by-one read in PDF. Credit to
Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from
Google Security Team.
[164643] High CVE-2013-0898: Use-after-free in URL handling.
Credit to Alexander Potapenko of the Chromium development
community.
[160480] Low CVE-2013-0899: Integer overflow in Opus handling.
Credit to Google Chrome Security Team (JΓΒΌri Aedla).
[152442] Medium CVE-2013-0900: Race condition in ICU. Credit to
Google Chrome Security Team (Inferno).
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
87.6%