CVSS: 6.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2906
https://notcve.org/view.php?id=CVE-2013-2906
Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. Condiciones de carrera múltiple en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tenga otro impacto sin especificar a través de vectores relacionados con threading en core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, y modules/webaudio/ConvolverNode.cpp. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=223962 https://code.google.com/p/chromium/issues/detail?id=270758 https://code.google.com/p/chromium/i • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2924
https://notcve.org/view.php?id=CVE-2013-2924
Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en International Components for Unicode (ICU), tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66 y otros productos, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores desconocidos. • http://bugs.icu-project.org/trac/ticket/10318 http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://jvn.jp/en/jp/JVN85336306/index.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 http://www.debian.org/security/2013/dsa-2786 http://www. • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2913
https://notcve.org/view.php?id=CVE-2013-2913
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. Vulnerabilidad de uso después de liberación en la función XMLDocumentParser::append en core/xml/parser/XMLDocumentParser.cpp en Blink, tal y como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que involucren un documento XML. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=278908 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18843 https://src&# • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2909
https://notcve.org/view.php?id=CVE-2013-2909
Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. Vulnerabilidad de uso después de liberación en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con la renderización de inline-block para texto Unicode bidireccional en un elemento aislado de sus hermanos. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=265838 https://code.google.co • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2921
https://notcve.org/view.php?id=CVE-2013-2921
Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. Vulnerabilidad de doble liberación en la función ResourceFetcher::didLoadResource en core/fetch/ResourceFetcher.cpp del cargador de recursos en Blink, utilizado en Google Chrome anteriores a 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado disparando ciertos procesos callback durante el reporte de una entrada de recurso. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=286414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18389 https://src&# • CWE-399: Resource Management Errors •