CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6667
https://notcve.org/view.php?id=CVE-2013-6667
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 33.0.1750.146 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=329006 https://code.google.com/p/chromium/issues/detail?id=332947 https://code.google.com/p/chromium/issues/detail?id=333279 https://code.google.com/p/chromium/issues/detail?id=333280 https://code.google.com/p/chromium/issues/detail? •
CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6664
https://notcve.org/view.php?id=CVE-2013-6664
Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature. Vulnerabilidad de uso después de liberación en la función FormAssociatedElement::formRemovedFromTree en core/html/FormAssociatedElement.cpp en Blink, utilizado en Google Chrome anterior a 33.0.1750.146, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores involucrando elementos FORM, tal y como fue demostrado por el uso de la funcionalidad speech-recognition. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=326854 https://src.chromium.org/viewvc/blink?revision=163825&view=revision • CWE-399: Resource Management Errors •
CVSS: 5.8EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6666
https://notcve.org/view.php?id=CVE-2013-6666
The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header. La función PepperFlashRendererHost::OnNavigate en renderer/pepper/pepper_flash_renderer_host.cc en Google Chrome anterior a 33.0.1750.146 no verifica que todas las cabeceras son cabeceras Cross-Origin Resource Sharing (CORS) simples antes de proceder con una operación PPB_Flash.Navigate, lo que podría permitir a atacantes remotos evadir restricciones CORS a través de una cabecera no apropiada. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=332023 https://src.chromium.org/viewvc/chrome?revision=249114&view=revision • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 106EXPL: 0CVE-2013-6665
https://notcve.org/view.php?id=CVE-2013-6665
Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer. Desbordamiento de buffer basado en memoria dinámica en la función ResourceProvider::InitializeSoftware en cc/resources/resource_provider.cc en Google Chrome anterior a 33.0.1750.146 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de una textura de gran tamaño lo que provoca una reserva de memoria indebida en el renderizador de software. • http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https://code.google.com/p/chromium/issues/detail?id=337882 https://src.chromium.org/viewvc/chrome?revision=250870&view=revision • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 106EXPL: 0CVE-2013-6663
https://notcve.org/view.php?id=CVE-2013-6663
Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. Vulnerabilidad de uso después de liberación en la función SVGImage::setContainerSize en core/svg/graphics/SVGImage.cpp en la implementación SVG en Blink, utilizado en Google Chrome anterior a 33.0.1750.146, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con la redimensión de una vista. • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html http://secunia.com/advisories/61306 http://secunia.com/advisories/61318 http://support.apple.com/kb/HT6440 http://support.apple.com/kb/HT6441 http://support.apple.com/kb/HT6442 http://www.debian.org/security/2014/dsa-2883 http://www.securityfocus.com/bid/65930 https:/&#x • CWE-399: Resource Management Errors •