CVE-2013-2931 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2931
13 Nov 2013 — Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anteriores a 31.0.1650.48 permiten a atacantes ejecutar código arbitrario o posiblemente tener otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. Versions less than 33.0... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVE-2013-6625 – Apple Security Advisory 2014-04-01-1
https://notcve.org/view.php?id=CVE-2013-6625
13 Nov 2013 — Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. Uso después de liberación en core/dom/ContainerNode.cppde Blink, tal como se usa en Google Chrome anterior a la versión 31.0.1650.48, permite a atacantes remoto... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html • CWE-399: Resource Management Errors •
CVE-2013-6627 – Google Chrome < 31.0.1650.48 - HTTP 1xx base::StringTokenizerT<...>::QuickGetNext Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2013-6627
13 Nov 2013 — net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. net/http/http_stream_parser.cc en Google Chrome anterior a la versión 31.0.1650.48 no procesa adecuadamente códigos de estado HTTP Informational (también conocido como 1xx), lo que permite en servidores web remotos provocar una denegación de servicio (lectura fuera de ... • https://packetstorm.news/files/id/140209 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-6628 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6628
13 Nov 2013 — net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. net/socket/ssl_client_socket_nss.cc en la implementación TLS de Google Chrome anterior a la versión 31.0.1650.48 no asegura que el certificado del servidor es el mismo durante la renegociación co... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVE-2013-6626 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6626
13 Nov 2013 — The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site. La función WebContentsImpl::AttachInterstitialPage de content/browser/web_contents/web_contents_impl.cc en Google Chrome anterior a la versión 31.0.1650.48 no cancela diálogos JavaScript en la generación de una adv... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html •
CVE-2013-6621 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6621
13 Nov 2013 — Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. Vulnerabilidad de uso después de liberación en Google Chrome anterior a la versión 31.0.1650.48 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con el atributo x-webkit-spee... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-399: Resource Management Errors •
CVE-2013-6622 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6622
13 Nov 2013 — Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents. Vulnerabilidad de uso después de liberación en la función HTMLMediaElement::didMoveToNewDocument de core/html/HTMLMediaElement.cpp en Blink, tal como se usa en Google Chr... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-399: Resource Management Errors •
CVE-2013-6623 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6623
13 Nov 2013 — The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout. La implementación SVG en Blink, tal como se usa en Google Chrome anterior a la versión 31.0.1650.48, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) mediante el aprovechamiento del uso de la orden de árbol, en lugar de la orde... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-6624 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-6624
13 Nov 2013 — Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes. Vulnerabilidad de uso después de liberación en Google Chrome anterior a la versión 31.0.1650.48 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores que involucren los valores de cadena de atributos id. Multiple vulnerabilities... • http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html • CWE-399: Resource Management Errors •
CVE-2013-6629 – libjpeg: information leak (read of uninitialized memory)
https://notcve.org/view.php?id=CVE-2013-6629
12 Nov 2013 — The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. La función get_sos de jdmarker.c en libjpeg 6b y libjpeg-turbo hasta la versión 1.3.... • http://advisories.mageia.org/MGASA-2013-0333.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-456: Missing Initialization of a Variable •