Published: 16/10/2013 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome prior to 30.0.1599.101, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 30.0.1599.66
google chrome 30.0.1599.6
google chrome
google chrome 30.0.1599.80
google chrome 30.0.1599.88
google chrome 30.0.1599.28
google chrome 30.0.1599.14
google chrome 30.0.1599.0
google chrome 30.0.1599.7
google chrome 30.0.1599.38
google chrome 30.0.1599.67
google chrome 30.0.1599.31
google chrome 30.0.1599.15
google chrome 30.0.1599.9
google chrome 30.0.1599.42
google chrome 30.0.1599.1
google chrome 30.0.1599.4
google chrome 30.0.1599.34
google chrome 30.0.1599.65
google chrome 30.0.1599.51
google chrome 30.0.1599.18
google chrome 30.0.1599.50
google chrome 30.0.1599.12
google chrome 30.0.1599.87
google chrome 30.0.1599.5
google chrome 30.0.1599.56
google chrome 30.0.1599.16
google chrome 30.0.1599.44
google chrome 30.0.1599.35
google chrome 30.0.1599.23
google chrome 30.0.1599.13
google chrome 30.0.1599.37
google chrome 30.0.1599.79
google chrome 30.0.1599.2
google chrome 30.0.1599.20
google chrome 30.0.1599.47
google chrome 30.0.1599.26
google chrome 30.0.1599.90
google chrome 30.0.1599.19
google chrome 30.0.1599.61
google chrome 30.0.1599.68
google chrome 30.0.1599.57
google chrome 30.0.1599.22
google chrome 30.0.1599.52
google chrome 30.0.1599.85
google chrome 30.0.1599.29
google chrome 30.0.1599.24
google chrome 30.0.1599.48
google chrome 30.0.1599.58
google chrome 30.0.1599.43
google chrome 30.0.1599.64
google chrome 30.0.1599.49
google chrome 30.0.1599.60
google chrome 30.0.1599.86
google chrome 30.0.1599.21
google chrome 30.0.1599.32
google chrome 30.0.1599.17
google chrome 30.0.1599.41
google chrome 30.0.1599.36
google chrome 30.0.1599.25
google chrome 30.0.1599.53
google chrome 30.0.1599.30
google chrome 30.0.1599.82
google chrome 30.0.1599.40
google chrome 30.0.1599.27
google chrome 30.0.1599.10
google chrome 30.0.1599.81
google chrome 30.0.1599.11
google chrome 30.0.1599.59
google chrome 30.0.1599.33
google chrome 30.0.1599.8
google chrome 30.0.1599.69
google chrome 30.0.1599.39
google chrome 30.0.1599.84

Several vulnerabilities have been discovered in the chromium web browser CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in windowprototype CVE-2013-2908 Chamal de Silva discovered an address bar spoofing issue CVE-2013-2909 Atte Kuttenen ...

CWE-399 https://code.google.com/p/chromium/issues/detail?id=292422 http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html https://src.chromium.org/viewvc/blink?revision=158146&view=revision http://lists.opensuse.org/opensuse-updates/2013-11/msg00077.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18866 http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html https://nvd.nist.gov https://www.debian.org/security/./dsa-2785

CVE-2013-2925

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect