Описание
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-6623
- https://code.google.com/p/chromium/issues/detail?id=282925
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19311
- https://src.chromium.org/viewvc/blink?revision=158480&view=revision
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
- http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
- http://www.debian.org/security/2013/dsa-2799
Связанные уязвимости
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
The SVG implementation in Blink, as used in Google Chrome before 31.0. ...