Published: 24/02/2014 Updated: 01/04/2014

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Use-after-free vulnerability in Blink, as used in Google Chrome prior to 33.0.1750.117, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
google chrome 33.0.1750.108
google chrome 33.0.1750.107
google chrome 33.0.1750.88
google chrome 33.0.1750.85
google chrome 33.0.1750.76
google chrome 33.0.1750.75
google chrome 33.0.1750.67
google chrome 33.0.1750.66
google chrome 33.0.1750.58
google chrome 33.0.1750.57
google chrome 33.0.1750.50
google chrome 33.0.1750.49
google chrome 33.0.1750.42
google chrome 33.0.1750.41
google chrome 33.0.1750.115
google chrome 33.0.1750.113
google chrome 33.0.1750.106
google chrome 33.0.1750.104
google chrome 33.0.1750.83
google chrome 33.0.1750.82
google chrome 33.0.1750.74
google chrome 33.0.1750.73
google chrome 33.0.1750.65
google chrome 33.0.1750.64
google chrome 33.0.1750.56
google chrome 33.0.1750.55
google chrome 33.0.1750.48
google chrome 33.0.1750.47
google chrome 33.0.1750.40
google chrome 33.0.1750.39
google chrome 33.0.1750.38
google chrome 33.0.1750.29
google chrome 33.0.1750.28
google chrome 33.0.1750.110
google chrome 33.0.1750.109
google chrome 33.0.1750.91
google chrome 33.0.1750.90
google chrome 33.0.1750.89
google chrome 33.0.1750.79
google chrome 33.0.1750.77
google chrome 33.0.1750.69
google chrome 33.0.1750.68
google chrome 33.0.1750.60
google chrome 33.0.1750.59
google chrome 33.0.1750.52
google chrome 33.0.1750.51
google chrome 33.0.1750.44
google chrome 33.0.1750.43
google chrome 33.0.1750.21
google chrome 33.0.1750.20
google chrome 33.0.1750.12
google chrome 33.0.1750.11
google chrome 33.0.1750.10
google chrome 33.0.1750.3
google chrome 33.0.1750.2
google chrome 33.0.1750.112
google chrome 33.0.1750.111
google chrome 33.0.1750.93
google chrome 33.0.1750.92
google chrome 33.0.1750.81
google chrome 33.0.1750.80
google chrome 33.0.1750.71
google chrome 33.0.1750.70
google chrome 33.0.1750.63
google chrome 33.0.1750.62
google chrome 33.0.1750.61
google chrome 33.0.1750.54
google chrome 33.0.1750.53
google chrome 33.0.1750.46
google chrome 33.0.1750.45
google chrome 33.0.1750.37
google chrome 33.0.1750.36
google chrome 33.0.1750.27
google chrome 33.0.1750.26
google chrome 33.0.1750.19
google chrome 33.0.1750.18
google chrome 33.0.1750.9
google chrome 33.0.1750.8
google chrome 33.0.1750.1
google chrome 33.0.1750.0
google chrome 33.0.1750.31
google chrome 33.0.1750.30
google chrome 33.0.1750.23
google chrome 33.0.1750.22
google chrome 33.0.1750.14
google chrome 33.0.1750.13
google chrome 33.0.1750.5
google chrome 33.0.1750.4
google chrome 33.0.1750.35
google chrome 33.0.1750.34
google chrome 33.0.1750.25
google chrome 33.0.1750.24
google chrome 33.0.1750.16
google chrome 33.0.1750.15
google chrome 33.0.1750.7
google chrome 33.0.1750.6

Several vulnerabilities have been discovered in the chromium web browser CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser CVE-2013-6654 TheShow3511 discovered an issue in SVG handling CVE-2013-6655 cloudfuzzer discovered a use-after-free issue in dom event handling CVE-2013-6 ...

CWE-399 http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html https://src.chromium.org/viewvc/blink?revision=162655&view=revision https://code.google.com/p/chromium/issues/detail?id=293534 http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html http://www.debian.org/security/2014/dsa-2883 https://nvd.nist.gov https://www.debian.org/security/./dsa-2883

Get Started

CVE-2013-6655

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect