CVE-2013-6666

Опубликовано: 05 мар. 2014

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 33.0.1750.144 (включая)

cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.116:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.117:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.124:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.125:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.126:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.132:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.133:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.135:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:33.0.1750.136:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00272

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2013-6666

ubuntu

почти 12 лет назад

CVE-2013-6666

debian

почти 12 лет назад

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pe ...

GHSA-qp9p-p38x-xjv3

github

больше 3 лет назад

EPSS

Процентиль: 50%

0.00272

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264