CVSS: 5.0EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2920
https://notcve.org/view.php?id=CVE-2013-2920
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring. La función DoResolveRelativeHost en url/url_canon_relative.cc en Google Chrome anteriores a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de una URL relativa que contenga un nombre de host, como fue demostrado por una URL relativa a protocolo comenzando con //www.google.com/ substring. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=285742 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18451 https://src&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2921
https://notcve.org/view.php?id=CVE-2013-2921
Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. Vulnerabilidad de doble liberación en la función ResourceFetcher::didLoadResource en core/fetch/ResourceFetcher.cpp del cargador de recursos en Blink, utilizado en Google Chrome anteriores a 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado disparando ciertos procesos callback durante el reporte de una entrada de recurso. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=286414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18389 https://src&# • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2922
https://notcve.org/view.php?id=CVE-2013-2922
Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element. Vulnerabilidad de uso después de liberación en core/html/HTMLTemplateElement.cpp en Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de un código JavaScript manipulado que opera en un elemento TEMPLATE. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=286975 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18358 https://src&# • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2923
https://notcve.org/view.php?id=CVE-2013-2923
Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a la versión 30.0.1599.66 permite a atacantes causar una denegación de servicio o probablemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 https://code.google.com/p/chromium/issues/detail?id=237800 https://code.google.com/p/chromium/issues/detail?id=246724 https://code.google.com/p/chromium/i •
CVSS: 7.5EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2924
https://notcve.org/view.php?id=CVE-2013-2924
Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en International Components for Unicode (ICU), tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66 y otros productos, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores desconocidos. • http://bugs.icu-project.org/trac/ticket/10318 http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://jvn.jp/en/jp/JVN85336306/index.html http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 http://www.debian.org/security/2013/dsa-2786 http://www. • CWE-399: Resource Management Errors •