Lucene search

[email protected]NVD:CVE-2013-2927

HistoryOct 16, 2013 - 8:55 p.m.

CVE-2013-2927

2013-10-1620:55:06

CWE-399

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.2%

JSON

Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements.

Affected configurations

NVD

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

Node

opensuseopensuseMatch12.2

opensuseopensuseMatch12.3

opensuseopensuseMatch13.1

Node

googlechromeRange≤30.0.1599.100

googlechromeMatch30.0.1599.0

googlechromeMatch30.0.1599.1

googlechromeMatch30.0.1599.2

googlechromeMatch30.0.1599.4

googlechromeMatch30.0.1599.5

googlechromeMatch30.0.1599.6

googlechromeMatch30.0.1599.7

googlechromeMatch30.0.1599.8

googlechromeMatch30.0.1599.9

googlechromeMatch30.0.1599.10

googlechromeMatch30.0.1599.11

googlechromeMatch30.0.1599.12

googlechromeMatch30.0.1599.13

googlechromeMatch30.0.1599.14

googlechromeMatch30.0.1599.15

googlechromeMatch30.0.1599.16

googlechromeMatch30.0.1599.17

googlechromeMatch30.0.1599.18

googlechromeMatch30.0.1599.19

googlechromeMatch30.0.1599.20

googlechromeMatch30.0.1599.21

googlechromeMatch30.0.1599.22

googlechromeMatch30.0.1599.23

googlechromeMatch30.0.1599.24

googlechromeMatch30.0.1599.25

googlechromeMatch30.0.1599.26

googlechromeMatch30.0.1599.27

googlechromeMatch30.0.1599.28

googlechromeMatch30.0.1599.29

googlechromeMatch30.0.1599.30

googlechromeMatch30.0.1599.31

googlechromeMatch30.0.1599.32

googlechromeMatch30.0.1599.33

googlechromeMatch30.0.1599.34

googlechromeMatch30.0.1599.35

googlechromeMatch30.0.1599.36

googlechromeMatch30.0.1599.37

googlechromeMatch30.0.1599.38

googlechromeMatch30.0.1599.39

googlechromeMatch30.0.1599.40

googlechromeMatch30.0.1599.41

googlechromeMatch30.0.1599.42

googlechromeMatch30.0.1599.43

googlechromeMatch30.0.1599.44

googlechromeMatch30.0.1599.47

googlechromeMatch30.0.1599.48

googlechromeMatch30.0.1599.49

googlechromeMatch30.0.1599.50

googlechromeMatch30.0.1599.51

googlechromeMatch30.0.1599.52

googlechromeMatch30.0.1599.53

googlechromeMatch30.0.1599.56

googlechromeMatch30.0.1599.57

googlechromeMatch30.0.1599.58

googlechromeMatch30.0.1599.59

googlechromeMatch30.0.1599.60

googlechromeMatch30.0.1599.61

googlechromeMatch30.0.1599.64

googlechromeMatch30.0.1599.65

googlechromeMatch30.0.1599.66

googlechromeMatch30.0.1599.67

googlechromeMatch30.0.1599.68

googlechromeMatch30.0.1599.69

googlechromeMatch30.0.1599.79

googlechromeMatch30.0.1599.80

googlechromeMatch30.0.1599.81

googlechromeMatch30.0.1599.82

googlechromeMatch30.0.1599.84

googlechromeMatch30.0.1599.85

googlechromeMatch30.0.1599.86

googlechromeMatch30.0.1599.87

googlechromeMatch30.0.1599.88

googlechromeMatch30.0.1599.90

References

archives.neohapsis.com/archives/bugtraq/2014-05/0128.html

archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

archives.neohapsis.com/archives/bugtraq/2014-06/0175.html

googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html

lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html

lists.opensuse.org/opensuse-updates/2013-11/msg00077.html

lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

support.apple.com/kb/HT6254

www.debian.org/security/2013/dsa-2785

code.google.com/p/chromium/issues/detail?id=297478

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19155

src.chromium.org/viewvc/blink?revision=158428&view=revision

support.apple.com/kb/HT6537

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.2%

JSON

Related for NVD:CVE-2013-2927

ubuntucve1 cvelist1 debiancve1 prion1 cve1 threatpost2 openvas11 chrome1 nessus18 mageia1 freebsd1 suse2 thn1 securityvulns9 osv1 debian2 gentoo1