Lucene search

[email protected]NVD:CVE-2013-2925

HistoryOct 16, 2013 - 8:55 p.m.

CVE-2013-2925

2013-10-1620:55:04

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object.

Affected configurations

Nvd

Node

googlechromeRange≤30.0.1599.100

googlechromeMatch30.0.1599.0

googlechromeMatch30.0.1599.1

googlechromeMatch30.0.1599.2

googlechromeMatch30.0.1599.4

googlechromeMatch30.0.1599.5

googlechromeMatch30.0.1599.6

googlechromeMatch30.0.1599.7

googlechromeMatch30.0.1599.8

googlechromeMatch30.0.1599.9

googlechromeMatch30.0.1599.10

googlechromeMatch30.0.1599.11

googlechromeMatch30.0.1599.12

googlechromeMatch30.0.1599.13

googlechromeMatch30.0.1599.14

googlechromeMatch30.0.1599.15

googlechromeMatch30.0.1599.16

googlechromeMatch30.0.1599.17

googlechromeMatch30.0.1599.18

googlechromeMatch30.0.1599.19

googlechromeMatch30.0.1599.20

googlechromeMatch30.0.1599.21

googlechromeMatch30.0.1599.22

googlechromeMatch30.0.1599.23

googlechromeMatch30.0.1599.24

googlechromeMatch30.0.1599.25

googlechromeMatch30.0.1599.26

googlechromeMatch30.0.1599.27

googlechromeMatch30.0.1599.28

googlechromeMatch30.0.1599.29

googlechromeMatch30.0.1599.30

googlechromeMatch30.0.1599.31

googlechromeMatch30.0.1599.32

googlechromeMatch30.0.1599.33

googlechromeMatch30.0.1599.34

googlechromeMatch30.0.1599.35

googlechromeMatch30.0.1599.36

googlechromeMatch30.0.1599.37

googlechromeMatch30.0.1599.38

googlechromeMatch30.0.1599.39

googlechromeMatch30.0.1599.40

googlechromeMatch30.0.1599.41

googlechromeMatch30.0.1599.42

googlechromeMatch30.0.1599.43

googlechromeMatch30.0.1599.44

googlechromeMatch30.0.1599.47

googlechromeMatch30.0.1599.48

googlechromeMatch30.0.1599.49

googlechromeMatch30.0.1599.50

googlechromeMatch30.0.1599.51

googlechromeMatch30.0.1599.52

googlechromeMatch30.0.1599.53

googlechromeMatch30.0.1599.56

googlechromeMatch30.0.1599.57

googlechromeMatch30.0.1599.58

googlechromeMatch30.0.1599.59

googlechromeMatch30.0.1599.60

googlechromeMatch30.0.1599.61

googlechromeMatch30.0.1599.64

googlechromeMatch30.0.1599.65

googlechromeMatch30.0.1599.66

googlechromeMatch30.0.1599.67

googlechromeMatch30.0.1599.68

googlechromeMatch30.0.1599.69

googlechromeMatch30.0.1599.79

googlechromeMatch30.0.1599.80

googlechromeMatch30.0.1599.81

googlechromeMatch30.0.1599.82

googlechromeMatch30.0.1599.84

googlechromeMatch30.0.1599.85

googlechromeMatch30.0.1599.86

googlechromeMatch30.0.1599.87

googlechromeMatch30.0.1599.88

googlechromeMatch30.0.1599.90

References

googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html

lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html

lists.opensuse.org/opensuse-updates/2013-11/msg00077.html

lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

www.debian.org/security/2013/dsa-2785

code.google.com/p/chromium/issues/detail?id=292422

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18866

src.chromium.org/viewvc/blink?revision=158146&view=revision

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

Related for NVD:CVE-2013-2925

prion1 cve1 cvelist1 ubuntucve1 debiancve1 threatpost1 mageia1 nessus11 openvas11 chrome1 freebsd1 suse2 debian2 osv1 gentoo1