9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
89.0%
Google Chrome before 31.0.1650.57 allows remote attackers to bypass
intended sandbox restrictions by leveraging access to a renderer process,
as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a
different vulnerability than CVE-2013-6632.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | chromium-browser | < 31.0.1650.63-0ubuntu0.12.04.1~20131204.1 | UNKNOWN |
ubuntu | 12.10 | noarch | chromium-browser | < 31.0.1650.63-0ubuntu0.12.10.1~20131204.1 | UNKNOWN |
ubuntu | 13.04 | noarch | chromium-browser | < 31.0.1650.63-0ubuntu0.13.04.1~20131204.1 | UNKNOWN |
ubuntu | 13.10 | noarch | chromium-browser | < 31.0.1650.63-0ubuntu0.13.10.1~20131204.1 | UNKNOWN |
googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
code.google.com/p/chromium/issues/detail?id=319117
code.google.com/p/chromium/issues/detail?id=319125
launchpad.net/bugs/cve/CVE-2013-6802
nvd.nist.gov/vuln/detail/CVE-2013-6802
security-tracker.debian.org/tracker/CVE-2013-6802
www.cve.org/CVERecord?id=CVE-2013-6802