CVE-2013-6802

Опубликовано: 18 нояб. 2013

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.

Ссылки

http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
Patch
Vendor Advisory
http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=319117
Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=319125
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/89201
Third Party Advisory
VDB Entry
http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
Patch
Vendor Advisory
http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=319117
Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=319125
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/89201
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 31.0.1650.57 (включая)

EPSS

Процентиль: 59%

0.00379

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2013-6802

ubuntu

около 12 лет назад

CVE-2013-6802

debian

около 12 лет назад

Google Chrome before 31.0.1650.57 allows remote attackers to bypass in ...

GHSA-rc6h-cxrg-vv4c

github

больше 3 лет назад

EPSS

Процентиль: 59%

0.00379

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264