Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable801611.PRM
HistoryDec 05, 2013 - 12:00 a.m.

Google Chrome < 31.0.1650.48 Multiple Vulnerabilities

2013-12-0500:00:00
Tenable
www.tenable.com
17

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.5%

JSON

The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 31.0.1650.48 are affected by multiple vulnerabilities, some of which are highlighted below:

  • Use-after-free vulnerabilities related to speech input elements, media elements, DOM ranges, “id” attribute strings, and within the libjingle library, which can be triggered by a context-dependent attacker to potentially execute arbitrary code (CVE-2013-6621, CVE-2013-6622, CVE-2013-6624, CVE-2013-6625, CVE-2013-6631)

  • Out-of-bounds reading in HTTP parsing, SVG, and various jpeg libraries can be triggered via a specially crafted web page to cause a crash or potentially disclose memory contents. (CVE-CVE-2013-6623, CVE-2013-6627, CVE-2013-6629, CVE-2013-6630)

  • Address spoofing is possible via a flaw when displaying an interstitial webpage (CVE-2013-6626)

  • Certificates are not checked during TLS renegotiation, which may allow an attacker to present an invalid certification and have it accepted. (CVE-2013-6628)

Furthermore, an updated version of Flash Player (version 11.9.900.152) has been included in this release.

Binary data 801611.prm

Related

threatpost 1
nessus 42
openvas 39
chrome 1
freebsd 1
mageia 2
debian 2
securityvulns 5
osv 1
suse 3
fedora 6
oraclelinux 2
centos 2
amazon 1
redhat 2
ubuntu 2
veracode 2
gentoo 1
mozilla 1
cve 11
ubuntucve 11
prion 11
cvelist 11
nvd 11
debiancve 11
seebug 1
zdt 1
packetstorm 1
f5 4
mscve 1
mskb 5
kaspersky 1
symantec 1
slackware 1
ibm 1
threatpost
threatpost
12 Flaws Fixed in Google Chrome
2013-11-12 13:17:53
nessus
nessus
Google Chrome < 31.0.1650.48 Multiple Vulnerabilities
2013-12-05 00:00:00
Google Chrome < 31.0.1650.48 Multiple Vulnerabilities
2013-11-14 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee)
2013-11-13 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities (Nov 2013) - Mac OS X
2013-11-19 00:00:00
Mageia: Security Advisory (MGASA-2013-0324)
2022-01-28 00:00:00
Google Chrome Multiple Vulnerabilities (Nov 2013) - Linux
2013-11-19 00:00:00
chrome
chrome
Stable Channel Update
2013-11-12 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2013-11-12 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix multiple vulnerabilities
2013-11-13 23:09:45
Updated libjpeg packages fix vulnerabilities in libjpeg-turbo
2013-11-21 00:31:46
debian
debian
[SECURITY] [DSA 2797-1] chromium-browser security update
2013-11-17 15:42:38
[SECURITY] [DSA 2797-1] chromium-browser security update
2013-11-17 15:42:38
securityvulns
securityvulns
Google Chrome / Chromium multiple security vulnerabilities
2013-11-26 00:00:00
[SECURITY] [DSA 2797-1] chromium-browser security update
2013-11-26 00:00:00
bugs in IJG jpeg6b &amp; libjpeg-turbo
2013-12-09 00:00:00
osv
osv
chromium-browser - several
2013-11-16 00:00:00
suse
suse
chromium: update to 31.0.1650.57 (important)
2013-11-27 20:04:35
chromium: 31.0.1650.57 version update (important)
2013-11-27 20:04:13
chromium: update to 31.0.1650.57 (important)
2013-12-12 18:05:02
fedora
fedora
[SECURITY] Fedora 20 Update: libjpeg-turbo-1.3.0-2.fc20
2013-12-24 03:42:20
[SECURITY] Fedora 19 Update: libjpeg-turbo-1.2.90-3.fc19
2014-01-10 07:56:56
[SECURITY] Fedora 19 Update: mingw-libjpeg-turbo-1.3.1-1.fc19
2014-06-10 03:13:25
oraclelinux
oraclelinux
libjpeg-turbo security update
2013-12-09 00:00:00
libjpeg security update
2013-12-09 00:00:00
centos
centos
libjpeg security update
2013-12-10 01:01:49
libjpeg security update
2013-12-10 00:47:48
amazon
amazon
Medium: libjpeg-turbo
2013-12-17 21:32:00
redhat
redhat
(RHSA-2013:1803) Moderate: libjpeg-turbo security update
2013-12-09 00:00:00
(RHSA-2013:1804) Moderate: libjpeg security update
2013-12-09 00:00:00
ubuntu
ubuntu
libjpeg, libjpeg-turbo vulnerabilities
2013-12-19 00:00:00
Thunderbird vulnerabilities
2013-12-11 00:00:00
veracode
veracode
Sensitive Information Disclosure
2019-05-02 05:00:31
Information Disclosure
2019-01-15 08:53:01
gentoo
gentoo
libjpeg-turbo: Multiple vulnerabilities
2016-06-05 00:00:00
mozilla
mozilla
JPEG information leak — Mozilla
2013-12-10 00:00:00
cve
cve
CVE-2013-6626
2013-11-13 15:55:04
CVE-2013-6623
2013-11-13 15:55:04
CVE-2013-6628
2013-11-13 15:55:04
ubuntucve
ubuntucve
CVE-2013-6626
2013-11-13 00:00:00
CVE-2013-6623
2013-11-13 00:00:00
CVE-2013-6631
2013-11-19 00:00:00
prion
prion
Out-of-bounds
2013-11-13 15:55:00
Session fixation
2013-11-13 15:55:00
Code injection
2013-11-13 15:55:00
cvelist
cvelist
CVE-2013-6623
2013-11-13 15:00:00
CVE-2013-6631
2013-11-15 20:00:00
CVE-2013-6628
2013-11-13 15:00:00
nvd
nvd
CVE-2013-6623
2013-11-13 15:55:04
CVE-2013-6628
2013-11-13 15:55:04
CVE-2013-6627
2013-11-13 15:55:04
debiancve
debiancve
CVE-2013-6631
2013-11-19 04:50:00
CVE-2013-6627
2013-11-13 15:55:00
CVE-2013-6626
2013-11-13 15:55:00
seebug
seebug
Google Chrome “id”属性字符串释放后重利用远程代码执行漏洞(CVE-2013-6624)
2013-11-17 00:00:00
zdt
zdt
Google Chrome < 31.0.1650.48 - HTTP 1xx base::String­Tokenizer­T<...>::Quick­Get­Next Out-o
2016-12-20 00:00:00
packetstorm
packetstorm
Chrome HTTP 1xx Out Of Bounds Read
2016-12-19 00:00:00
f5
f5
SOL62655427 - libjpeg-turbo vulnerability CVE-2013-6630
2016-02-18 00:00:00
K62655427 : libjpeg-turbo vulnerability CVE-2013-6630
2016-02-19 00:00:00
K59503294 : libjpeg vulnerability CVE-2013-6629
2016-02-19 00:00:00
mscve
mscve
libjpeg Information Disclosure Vulnerability
2017-04-11 07:00:00
mskb
mskb
Security update for the libjpeg information disclosure vulnerability in Windows Vista and Windows Server 2008: April 11, 2017
2017-04-11 07:00:00
Security update for the libjpeg information disclosure vulnerability in Windows Vista and Windows Server 2008: April 11, 2017
2017-04-11 07:00:00
Security update for the libjpeg information disclosure vulnerability for Microsoft Silverlight 5: April 11, 2017
2017-04-11 07:00:00
kaspersky
kaspersky
KLA11061 Information disclosure vulnerability in Microsoft Windows
2017-04-11 00:00:00
symantec
symantec
libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2013-11-12 00:00:00
slackware
slackware
[slackware-security] libjpeg
2013-12-17 03:49:12
ibm
ibm
Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.
2022-11-17 15:02:38

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.5%

JSON
Related for 801611.PRM
threatpost1nessus42openvas39chrome1freebsd1mageia2debian2securityvulns5osv1suse3fedora6oraclelinux2centos2amazon1redhat2ubuntu2veracode2gentoo1mozilla1cve11ubuntucve11prion11cvelist11nvd11debiancve11seebug1zdt1packetstorm1f54mscve1mskb5kaspersky1symantec1slackware1ibm1