Published: 10/07/2013 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Google Chrome prior to 28.0.1500.71 does not properly prevent pop-under windows, which allows remote malicious users to have an unspecified impact via a crafted web site.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 28.0.1500.68
google chrome 28.0.1500.26
google chrome 28.0.1500.31
google chrome 28.0.1500.0
google chrome 28.0.1500.33
google chrome 28.0.1500.29
google chrome 28.0.1500.25
google chrome 28.0.1500.66
google chrome 28.0.1500.41
google chrome 28.0.1500.12
google chrome 28.0.1500.13
google chrome 28.0.1500.62
google chrome 28.0.1500.20
google chrome 28.0.1500.39
google chrome 28.0.1500.60
google chrome 28.0.1500.15
google chrome 28.0.1500.59
google chrome 28.0.1500.23
google chrome 28.0.1500.45
google chrome 28.0.1500.43
google chrome 28.0.1500.40
google chrome 28.0.1500.3
google chrome 28.0.1500.52
google chrome 28.0.1500.34
google chrome 28.0.1500.46
google chrome 28.0.1500.8
google chrome 28.0.1500.63
google chrome 28.0.1500.53
google chrome 28.0.1500.4
google chrome 28.0.1500.36
google chrome 28.0.1500.44
google chrome 28.0.1500.51
google chrome 28.0.1500.19
google chrome 28.0.1500.2
google chrome 28.0.1500.50
google chrome 28.0.1500.56
google chrome 28.0.1500.54
google chrome 28.0.1500.18
google chrome 28.0.1500.27
google chrome 28.0.1500.21
google chrome 28.0.1500.14
google chrome 28.0.1500.9
google chrome 28.0.1500.16
google chrome 28.0.1500.37
google chrome 28.0.1500.6
google chrome 28.0.1500.47
google chrome 28.0.1500.42
google chrome 28.0.1500.11
google chrome 28.0.1500.17
google chrome 28.0.1500.28
google chrome 28.0.1500.49
google chrome 28.0.1500.35
google chrome 28.0.1500.61
google chrome 28.0.1500.48
google chrome 28.0.1500.22
google chrome 28.0.1500.64
google chrome 28.0.1500.24
google chrome 28.0.1500.58
google chrome 28.0.1500.10
google chrome 28.0.1500.32
google chrome
google chrome 28.0.1500.5
google chrome 28.0.1500.38
debian debian linux 7.0

Several vulnerabilities have been discovered in the Chromium web browser CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline) CVE-2013-2867 Chrome does not properly prevent pop-under windows CVE-2013-2868 common/extensions/sync_helper ...

NVD-CWE-noinfo https://code.google.com/p/chromium/issues/detail?id=252216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17216 http://www.debian.org/security/2013/dsa-2724 http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html https://nvd.nist.gov https://www.debian.org/security/./dsa-2724

CVE-2013-2867

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect