Lucene search

[email protected]NVD:CVE-2013-2915

HistoryOct 02, 2013 - 10:35 a.m.

CVE-2013-2915

2013-10-0210:35:35

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON

Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

Affected configurations

Nvd

Node

googlechromeRange≤30.0.1599.65

googlechromeMatch30.0.1599.0

googlechromeMatch30.0.1599.1

googlechromeMatch30.0.1599.2

googlechromeMatch30.0.1599.4

googlechromeMatch30.0.1599.5

googlechromeMatch30.0.1599.6

googlechromeMatch30.0.1599.7

googlechromeMatch30.0.1599.8

googlechromeMatch30.0.1599.9

googlechromeMatch30.0.1599.10

googlechromeMatch30.0.1599.11

googlechromeMatch30.0.1599.12

googlechromeMatch30.0.1599.13

googlechromeMatch30.0.1599.14

googlechromeMatch30.0.1599.15

googlechromeMatch30.0.1599.16

googlechromeMatch30.0.1599.17

googlechromeMatch30.0.1599.18

googlechromeMatch30.0.1599.19

googlechromeMatch30.0.1599.20

googlechromeMatch30.0.1599.21

googlechromeMatch30.0.1599.22

googlechromeMatch30.0.1599.23

googlechromeMatch30.0.1599.24

googlechromeMatch30.0.1599.25

googlechromeMatch30.0.1599.26

googlechromeMatch30.0.1599.27

googlechromeMatch30.0.1599.28

googlechromeMatch30.0.1599.29

googlechromeMatch30.0.1599.30

googlechromeMatch30.0.1599.31

googlechromeMatch30.0.1599.32

googlechromeMatch30.0.1599.33

googlechromeMatch30.0.1599.34

googlechromeMatch30.0.1599.35

googlechromeMatch30.0.1599.36

googlechromeMatch30.0.1599.37

googlechromeMatch30.0.1599.38

googlechromeMatch30.0.1599.39

googlechromeMatch30.0.1599.40

googlechromeMatch30.0.1599.41

googlechromeMatch30.0.1599.42

googlechromeMatch30.0.1599.43

googlechromeMatch30.0.1599.44

googlechromeMatch30.0.1599.47

googlechromeMatch30.0.1599.48

googlechromeMatch30.0.1599.49

googlechromeMatch30.0.1599.50

googlechromeMatch30.0.1599.51

googlechromeMatch30.0.1599.52

googlechromeMatch30.0.1599.53

googlechromeMatch30.0.1599.56

googlechromeMatch30.0.1599.57

googlechromeMatch30.0.1599.58

googlechromeMatch30.0.1599.59

googlechromeMatch30.0.1599.60

googlechromeMatch30.0.1599.61

googlechromeMatch30.0.1599.64

References

googlechromereleases.blogspot.com/2013/10/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html

lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html

lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

www.debian.org/security/2013/dsa-2785

code.google.com/p/chromium/issues/detail?id=280512

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18319

src.chromium.org/viewvc/chrome?revision=222146&view=revision

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON

Related for NVD:CVE-2013-2915

debiancve1 cvelist1 prion1 cve1 ubuntucve1 openvas11 nessus10 mageia1 freebsd1 suse2 chrome1 debian2 osv1 gentoo1