Lucene search
HistoryMar 11, 2013 - 10:55 a.m.
CVE-2013-0912
cve-2013-0912
google chrome
remote code execution
type confusion
webkit
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.547
Percentile
97.7%
WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage “type confusion.”
Affected configurations
Node
googlechromeMatch25.0.1364.0
ORgooglechromeMatch25.0.1364.1
ORgooglechromeMatch25.0.1364.2
ORgooglechromeMatch25.0.1364.3
ORgooglechromeMatch25.0.1364.5
ORgooglechromeMatch25.0.1364.7
ORgooglechromeMatch25.0.1364.8
ORgooglechromeMatch25.0.1364.9
ORgooglechromeMatch25.0.1364.10
ORgooglechromeMatch25.0.1364.11
ORgooglechromeMatch25.0.1364.12
ORgooglechromeMatch25.0.1364.13
ORgooglechromeMatch25.0.1364.14
ORgooglechromeMatch25.0.1364.15
ORgooglechromeMatch25.0.1364.16
ORgooglechromeMatch25.0.1364.17
ORgooglechromeMatch25.0.1364.18
ORgooglechromeMatch25.0.1364.19
ORgooglechromeMatch25.0.1364.20
ORgooglechromeMatch25.0.1364.21
ORgooglechromeMatch25.0.1364.22
ORgooglechromeMatch25.0.1364.23
ORgooglechromeMatch25.0.1364.24
ORgooglechromeMatch25.0.1364.25
ORgooglechromeMatch25.0.1364.26
ORgooglechromeMatch25.0.1364.27
ORgooglechromeMatch25.0.1364.28
ORgooglechromeMatch25.0.1364.29
ORgooglechromeMatch25.0.1364.30
ORgooglechromeMatch25.0.1364.31
ORgooglechromeMatch25.0.1364.32
ORgooglechromeMatch25.0.1364.33
ORgooglechromeMatch25.0.1364.34
ORgooglechromeMatch25.0.1364.35
ORgooglechromeMatch25.0.1364.36
ORgooglechromeMatch25.0.1364.37
ORgooglechromeMatch25.0.1364.38
ORgooglechromeMatch25.0.1364.39
ORgooglechromeMatch25.0.1364.40
ORgooglechromeMatch25.0.1364.41
ORgooglechromeMatch25.0.1364.42
ORgooglechromeMatch25.0.1364.43
ORgooglechromeMatch25.0.1364.44
ORgooglechromeMatch25.0.1364.45
ORgooglechromeMatch25.0.1364.46
ORgooglechromeMatch25.0.1364.47
ORgooglechromeMatch25.0.1364.48
ORgooglechromeMatch25.0.1364.49
ORgooglechromeMatch25.0.1364.50
ORgooglechromeMatch25.0.1364.51
ORgooglechromeMatch25.0.1364.52
ORgooglechromeMatch25.0.1364.53
ORgooglechromeMatch25.0.1364.54
ORgooglechromeMatch25.0.1364.55
ORgooglechromeMatch25.0.1364.56
ORgooglechromeMatch25.0.1364.57
ORgooglechromeMatch25.0.1364.58
ORgooglechromeMatch25.0.1364.61
ORgooglechromeMatch25.0.1364.62
ORgooglechromeMatch25.0.1364.63
ORgooglechromeMatch25.0.1364.65
ORgooglechromeMatch25.0.1364.66
ORgooglechromeMatch25.0.1364.67
ORgooglechromeMatch25.0.1364.68
ORgooglechromeMatch25.0.1364.70
ORgooglechromeMatch25.0.1364.72
ORgooglechromeMatch25.0.1364.73
ORgooglechromeMatch25.0.1364.74
ORgooglechromeMatch25.0.1364.75
ORgooglechromeMatch25.0.1364.76
ORgooglechromeMatch25.0.1364.77
ORgooglechromeMatch25.0.1364.78
ORgooglechromeMatch25.0.1364.79
ORgooglechromeMatch25.0.1364.80
ORgooglechromeMatch25.0.1364.81
ORgooglechromeMatch25.0.1364.82
ORgooglechromeMatch25.0.1364.84
ORgooglechromeMatch25.0.1364.85
ORgooglechromeMatch25.0.1364.86
ORgooglechromeMatch25.0.1364.87
ORgooglechromeMatch25.0.1364.88
ORgooglechromeMatch25.0.1364.89
ORgooglechromeMatch25.0.1364.90
ORgooglechromeMatch25.0.1364.91
ORgooglechromeMatch25.0.1364.92
ORgooglechromeMatch25.0.1364.93
ORgooglechromeMatch25.0.1364.95
ORgooglechromeMatch25.0.1364.98
ORgooglechromeMatch25.0.1364.99
ORgooglechromeMatch25.0.1364.108
ORgooglechromeMatch25.0.1364.110
ORgooglechromeMatch25.0.1364.112
ORgooglechromeMatch25.0.1364.113
ORgooglechromeMatch25.0.1364.114
ORgooglechromeMatch25.0.1364.115
ORgooglechromeMatch25.0.1364.116
ORgooglechromeMatch25.0.1364.117
ORgooglechromeMatch25.0.1364.118
ORgooglechromeMatch25.0.1364.119
ORgooglechromeMatch25.0.1364.120
ORgooglechromeMatch25.0.1364.121
ORgooglechromeMatch25.0.1364.122
ORgooglechromeMatch25.0.1364.123
ORgooglechromeMatch25.0.1364.124
ORgooglechromeMatch25.0.1364.125
ORgooglechromeMatch25.0.1364.126
ORgooglechromeMatch25.0.1364.152
ORgooglechromeMatch25.0.1364.154
ORgooglechromeMatch25.0.1364.155
ORgooglechromeMatch25.0.1364.156
ORgooglechromeMatch25.0.1364.159
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chrome | 25.0.1364.16 | cpe:/a:google:chrome:25.0.1364.16::: | |
| chrome | 25.0.1364.89 | cpe:/a:google:chrome:25.0.1364.89::: | |
| chrome | 25.0.1364.114 | cpe:/a:google:chrome:25.0.1364.114::: | |
| chrome | 25.0.1364.25 | cpe:/a:google:chrome:25.0.1364.25::: | |
| chrome | 25.0.1364.7 | cpe:/a:google:chrome:25.0.1364.7::: | |
| chrome | 25.0.1364.34 | cpe:/a:google:chrome:25.0.1364.34::: | |
| chrome | 25.0.1364.32 | cpe:/a:google:chrome:25.0.1364.32::: | |
| chrome | 25.0.1364.119 | cpe:/a:google:chrome:25.0.1364.119::: | |
| chrome | 25.0.1364.50 | cpe:/a:google:chrome:25.0.1364.50::: | |
| chrome | 25.0.1364.38 | cpe:/a:google:chrome:25.0.1364.38::: |
References
googlechromereleases.blogspot.com/2013/03/stable-channel-update_7.html
h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013/
lists.apple.com/archives/security-announce/2013/Apr/msg00000.html
lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
support.apple.com/kb/HT5701
support.apple.com/kb/HT5704
twitter.com/thezdi/statuses/309460019131346944
code.google.com/p/chromium/issues/detail?id=180763
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16274
Related
securityvulns
securityvulns
APPLE-SA-2013-04-16-1 Safari 6.0.4
2013-04-22 00:00:00
Apple iOS multiple security vulnerabilities
2013-03-24 00:00:00
APPLE-SA-2013-03-19-1 iOS 6.1.3
2013-03-24 00:00:00
openvas
openvas
Google Chrome Webkit Remote Code Execution Vulnerability - Windows
2013-05-28 00:00:00
Google Chrome Webkit Remote Code Execution Vulnerability (Linux)
2013-05-28 00:00:00
Apple Safari Webkit Remote Code Execution Vulnerability - May13 (Mac OS X)
2013-05-27 00:00:00
nessus
nessus
FreeBSD : chromium -- WebKit vulnerability (54bed676-87ce-11e2-b528-00262d5ed8ee)
2013-03-10 00:00:00
Mac OS X : Apple Safari < 6.0.4 SVG File Handling Arbitrary Code Execution
2013-04-17 00:00:00
Google Chrome < 25.0.1364.160 WebKit Type Confusion Code Execution
2013-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2013-0912
2013-03-11 00:00:00
freebsd
freebsd
chromium -- WebKit vulnerability
2013-03-07 00:00:00
zdi
zdi
(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability
2013-05-10 00:00:00
prion
prion
Type confusion
2013-03-11 10:55:00
Design/Logic Flaw
2013-03-11 10:55:00
nvd
nvd
CVE-2013-0912
2013-03-11 10:55:01
CVE-2013-2553
2013-03-11 10:55:01
debiancve
debiancve
CVE-2013-0912
2013-03-11 10:55:00
cvelist
cvelist
CVE-2013-0912
2013-03-11 10:00:00
CVE-2013-2553
2022-10-03 16:15:02
chrome
chrome
Stable Channel Update
2013-03-07 00:00:00
cve
cve
CVE-2013-2553
2022-10-03 16:15:02
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.547
Percentile
97.7%
Related for CVE-2013-0912