Lucene search

[email protected]NVD:CVE-2013-2925

HistoryOct 16, 2013 - 8:55 p.m.

CVE-2013-2925

2013-10-1620:55:04

CWE-399

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.1%

JSON

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object.

Affected configurations

NVD

Node

googlechromeRange≤30.0.1599.100

googlechromeMatch30.0.1599.0

googlechromeMatch30.0.1599.1

googlechromeMatch30.0.1599.2

googlechromeMatch30.0.1599.4

googlechromeMatch30.0.1599.5

googlechromeMatch30.0.1599.6

googlechromeMatch30.0.1599.7

googlechromeMatch30.0.1599.8

googlechromeMatch30.0.1599.9

googlechromeMatch30.0.1599.10

googlechromeMatch30.0.1599.11

googlechromeMatch30.0.1599.12

googlechromeMatch30.0.1599.13

googlechromeMatch30.0.1599.14

googlechromeMatch30.0.1599.15

googlechromeMatch30.0.1599.16

googlechromeMatch30.0.1599.17

googlechromeMatch30.0.1599.18

googlechromeMatch30.0.1599.19

googlechromeMatch30.0.1599.20

googlechromeMatch30.0.1599.21

googlechromeMatch30.0.1599.22

googlechromeMatch30.0.1599.23

googlechromeMatch30.0.1599.24

googlechromeMatch30.0.1599.25

googlechromeMatch30.0.1599.26

googlechromeMatch30.0.1599.27

googlechromeMatch30.0.1599.28

googlechromeMatch30.0.1599.29

googlechromeMatch30.0.1599.30

googlechromeMatch30.0.1599.31

googlechromeMatch30.0.1599.32

googlechromeMatch30.0.1599.33

googlechromeMatch30.0.1599.34

googlechromeMatch30.0.1599.35

googlechromeMatch30.0.1599.36

googlechromeMatch30.0.1599.37

googlechromeMatch30.0.1599.38

googlechromeMatch30.0.1599.39

googlechromeMatch30.0.1599.40

googlechromeMatch30.0.1599.41

googlechromeMatch30.0.1599.42

googlechromeMatch30.0.1599.43

googlechromeMatch30.0.1599.44

googlechromeMatch30.0.1599.47

googlechromeMatch30.0.1599.48

googlechromeMatch30.0.1599.49

googlechromeMatch30.0.1599.50

googlechromeMatch30.0.1599.51

googlechromeMatch30.0.1599.52

googlechromeMatch30.0.1599.53

googlechromeMatch30.0.1599.56

googlechromeMatch30.0.1599.57

googlechromeMatch30.0.1599.58

googlechromeMatch30.0.1599.59

googlechromeMatch30.0.1599.60

googlechromeMatch30.0.1599.61

googlechromeMatch30.0.1599.64

googlechromeMatch30.0.1599.65

googlechromeMatch30.0.1599.66

googlechromeMatch30.0.1599.67

googlechromeMatch30.0.1599.68

googlechromeMatch30.0.1599.69

googlechromeMatch30.0.1599.79

googlechromeMatch30.0.1599.80

googlechromeMatch30.0.1599.81

googlechromeMatch30.0.1599.82

googlechromeMatch30.0.1599.84

googlechromeMatch30.0.1599.85

googlechromeMatch30.0.1599.86

googlechromeMatch30.0.1599.87

googlechromeMatch30.0.1599.88

googlechromeMatch30.0.1599.90

References

googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html

lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html

lists.opensuse.org/opensuse-updates/2013-11/msg00077.html

lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

www.debian.org/security/2013/dsa-2785

code.google.com/p/chromium/issues/detail?id=292422

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18866

src.chromium.org/viewvc/blink?revision=158146&view=revision

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.1%

JSON

Related for NVD:CVE-2013-2925

ubuntucve1 cvelist1 debiancve1 prion1 cve1 threatpost1 mageia1 openvas11 nessus11 freebsd1 chrome1 suse2 debian2 osv1 gentoo1