Ubuntu.comUB:CVE-2013-2838CVE-2013-2838
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
75.0%
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote
attackers to cause a denial of service (out-of-bounds read) via unspecified
vectors.
Notes
| Author | Note |
|---|---|
| jdstrand | qtjsbackend-opensource-src contains an embedded libv8, however applications using qtjsbackend-opensource-src should not process untrusted javascript and therefore Ubuntu will not process updates for libv8 in this package. (See LP: #1157732 for details) |
| seth-arnold | I didn’t find any information on this from libv8 upstream |
| mikesalvatore | The Ubuntu Security Team does not support libv8 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 17.10 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 18.04 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 18.10 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 12.04 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu1.12.04.2 | UNKNOWN |
| ubuntu | 12.10 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu1.12.10.3 | UNKNOWN |
| ubuntu | 13.04 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu1.13.04.3 | UNKNOWN |
| ubuntu | 13.10 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 14.04 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 14.10 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
| ubuntu | 15.04 | noarch | chromium-browser | < 28.0.1500.52-0ubuntu2 | UNKNOWN |
References
googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
code.google.com/p/chromium/issues/detail?id=162896
code.google.com/p/chromium/issues/detail?id=168050
code.google.com/p/chromium/issues/detail?id=170715
code.google.com/p/chromium/issues/detail?id=173397
code.google.com/p/chromium/issues/detail?id=173672
code.google.com/p/chromium/issues/detail?id=174920
code.google.com/p/chromium/issues/detail?id=176719
code.google.com/p/chromium/issues/detail?id=177815
code.google.com/p/chromium/issues/detail?id=178130
code.google.com/p/chromium/issues/detail?id=178269
code.google.com/p/chromium/issues/detail?id=178581
code.google.com/p/chromium/issues/detail?id=178761
code.google.com/p/chromium/issues/detail?id=179580
code.google.com/p/chromium/issues/detail?id=180058
code.google.com/p/chromium/issues/detail?id=180920
code.google.com/p/chromium/issues/detail?id=181375
code.google.com/p/chromium/issues/detail?id=181438
code.google.com/p/chromium/issues/detail?id=196571
code.google.com/p/chromium/issues/detail?id=196575
code.google.com/p/chromium/issues/detail?id=196648
code.google.com/p/chromium/issues/detail?id=222036
code.google.com/p/chromium/issues/detail?id=222754
code.google.com/p/chromium/issues/detail?id=222770
code.google.com/p/chromium/issues/detail?id=223034
code.google.com/p/chromium/issues/detail?id=223125
code.google.com/p/chromium/issues/detail?id=223145
code.google.com/p/chromium/issues/detail?id=224920
code.google.com/p/chromium/issues/detail?id=225403
code.google.com/p/chromium/issues/detail?id=225979
code.google.com/p/chromium/issues/detail?id=226012
code.google.com/p/chromium/issues/detail?id=226090
code.google.com/p/chromium/issues/detail?id=226659
code.google.com/p/chromium/issues/detail?id=227390
code.google.com/p/chromium/issues/detail?id=229402
code.google.com/p/chromium/issues/detail?id=231725
code.google.com/p/chromium/issues/detail?id=232389
code.google.com/p/chromium/issues/detail?id=232532
code.google.com/p/chromium/issues/detail?id=232865
code.google.com/p/chromium/issues/detail?id=235311
code.google.com/p/chromium/issues/detail?id=236631
code.google.com/p/chromium/issues/detail?id=241595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2836
launchpad.net/bugs/cve/CVE-2013-2838
nvd.nist.gov/vuln/detail/CVE-2013-2838
security-tracker.debian.org/tracker/CVE-2013-2838
www.cve.org/CVERecord?id=CVE-2013-2838
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
75.0%