CVE-2013-2905

Опубликовано: 21 авг. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 29.0.1547.56 (включая)

cpe:2.3:a:google:chrome:29.0.1547.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:29.0.1547.55:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00135

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2013-2905

ubuntu

больше 12 лет назад

CVE-2013-2905

debian

больше 12 лет назад

The SharedMemory::Create function in memory/shared_memory_posix.cc in ...

GHSA-h49q-wghx-7g75

github

больше 3 лет назад

EPSS

Процентиль: 34%

0.00135

Низкий

5 Medium

CVSS2

Дефекты

CWE-264