Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-2493

Published: 07/03/2013 Updated: 08/03/2013
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin prior to 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote malicious users to cause a denial of service (application crash) via an _blank value for the target attribute of an A element.

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome frame 15.0.874.121

google chrome frame

google chrome frame 16.0.912.63

References

CWE-119http://src.chromium.org/viewvc/chrome?view=rev&revision=185956https://code.google.com/p/chromium/issues/detail?id=178415https://chromiumcodereview.appspot.com/12395021http://googlechromereleases.blogspot.com/2013/03/beta-channel-update.htmlhttp://src.chromium.org/viewvc/chrome/trunk/src/chrome_frame/protocol_sink_wrap.cc?r1=185956&r2=185955&pathrev=185956https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324path traversalCVE-2024-4743CVE-2024-5184TCPCVE-2024-27822code injectionCVE-2024-28995CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook