Lucene search
ChromeCVE-2013-2870HistoryJul 10, 2013 - 10:55 a.m.
CVE-2013-2870
2013-07-1010:55:01
CWE-399
Chrome
web.nvd.nist.gov
48
cve-2013-2870
google chrome
vulnerability
remote code execution
url request
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.007
Percentile
81.0%
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request.
Affected configurations
Node
googlechromeRange≤28.0.1500.70
ORgooglechromeMatch28.0.1500.0
ORgooglechromeMatch28.0.1500.2
ORgooglechromeMatch28.0.1500.3
ORgooglechromeMatch28.0.1500.4
ORgooglechromeMatch28.0.1500.5
ORgooglechromeMatch28.0.1500.6
ORgooglechromeMatch28.0.1500.8
ORgooglechromeMatch28.0.1500.9
ORgooglechromeMatch28.0.1500.10
ORgooglechromeMatch28.0.1500.11
ORgooglechromeMatch28.0.1500.12
ORgooglechromeMatch28.0.1500.13
ORgooglechromeMatch28.0.1500.14
ORgooglechromeMatch28.0.1500.15
ORgooglechromeMatch28.0.1500.16
ORgooglechromeMatch28.0.1500.17
ORgooglechromeMatch28.0.1500.18
ORgooglechromeMatch28.0.1500.19
ORgooglechromeMatch28.0.1500.20
ORgooglechromeMatch28.0.1500.21
ORgooglechromeMatch28.0.1500.22
ORgooglechromeMatch28.0.1500.23
ORgooglechromeMatch28.0.1500.24
ORgooglechromeMatch28.0.1500.25
ORgooglechromeMatch28.0.1500.26
ORgooglechromeMatch28.0.1500.27
ORgooglechromeMatch28.0.1500.28
ORgooglechromeMatch28.0.1500.29
ORgooglechromeMatch28.0.1500.31
ORgooglechromeMatch28.0.1500.32
ORgooglechromeMatch28.0.1500.33
ORgooglechromeMatch28.0.1500.34
ORgooglechromeMatch28.0.1500.35
ORgooglechromeMatch28.0.1500.36
ORgooglechromeMatch28.0.1500.37
ORgooglechromeMatch28.0.1500.38
ORgooglechromeMatch28.0.1500.39
ORgooglechromeMatch28.0.1500.40
ORgooglechromeMatch28.0.1500.41
ORgooglechromeMatch28.0.1500.42
ORgooglechromeMatch28.0.1500.43
ORgooglechromeMatch28.0.1500.44
ORgooglechromeMatch28.0.1500.45
ORgooglechromeMatch28.0.1500.46
ORgooglechromeMatch28.0.1500.47
ORgooglechromeMatch28.0.1500.48
ORgooglechromeMatch28.0.1500.49
ORgooglechromeMatch28.0.1500.50
ORgooglechromeMatch28.0.1500.51
ORgooglechromeMatch28.0.1500.52
ORgooglechromeMatch28.0.1500.53
ORgooglechromeMatch28.0.1500.54
ORgooglechromeMatch28.0.1500.56
ORgooglechromeMatch28.0.1500.58
ORgooglechromeMatch28.0.1500.59
ORgooglechromeMatch28.0.1500.60
ORgooglechromeMatch28.0.1500.61
ORgooglechromeMatch28.0.1500.62
ORgooglechromeMatch28.0.1500.63
ORgooglechromeMatch28.0.1500.64
ORgooglechromeMatch28.0.1500.66
ORgooglechromeMatch28.0.1500.68
Node
debiandebian_linuxMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chrome | * | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.0 | cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.2 | cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.3 | cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.4 | cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.5 | cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.6 | cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.8 | cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.9 | cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:* | |
| chrome | 28.0.1500.10 | cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:* |
References
git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=2b0ff6d8a832f4fe5c187b17342b56675fbf7b96
git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=5449227016f44d7c023b28a697ada40064c681a6
googlechromereleases.blogspot.com/2013/07/stable-channel-update.html
www.debian.org/security/2013/dsa-2724
code.google.com/p/chromium/issues/detail?id=242762
code.google.com/p/chromium/issues/detail?id=244746
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16723
Related
nvd
nvd
CVE-2013-2870
2013-07-10 10:55:01
ubuntucve
ubuntucve
CVE-2013-2870
2013-07-10 00:00:00
cvelist
cvelist
CVE-2013-2870
2013-07-10 10:00:00
prion
prion
Design/Logic Flaw
2013-07-10 10:55:00
debiancve
debiancve
CVE-2013-2870
2013-07-10 10:55:00
nessus
nessus
Google Chrome < 28.0.1500.71 Multiple Vulnerabilities
2013-07-11 00:00:00
Google Chrome < 28.0.1500.71 Multiple Security Vulnerabilities
2013-07-11 00:00:00
Debian DSA-2724-1 : chromium-browser - several vulnerabilities
2013-07-19 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2013-07-26 15:52:03
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0234)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2724-1)
2013-07-16 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2724-1] chromium-browser security update
2013-07-19 00:00:00
Chromium / Google Chrome multiple security vulnerabilities
2013-08-12 00:00:00
osv
osv
chromium-browser - several
2013-07-17 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-07-09 00:00:00
debian
debian
[SECURITY] [DSA 2724-1] chromium-browser security update
2013-07-18 21:59:40
[SECURITY] [DSA 2724-1] chromium-browser security update
2013-07-18 21:59:40
threatpost
threatpost
Google Fixes 17 Flaws in Chrome 28
2013-07-10 09:37:49
chrome
chrome
Stable Channel Update
2013-07-09 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2013-09-24 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.007
Percentile
81.0%
Related for CVE-2013-2870