CVSS: 7.5EPSS: 0%CPEs: 51EXPL: 0CVE-2013-2887
https://notcve.org/view.php?id=CVE-2013-2887
Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v29.0.1547.57 permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores no especificados. • http://crbug.com/116128 http://crbug.com/166916 http://crbug.com/172119 http://crbug.com/177876 http://crbug.com/220039 http://crbug.com/231688 http://crbug.com/232393 http://crbug.com/234809 http://crbug.com/236147 http://crbug.com/238837 http://crbug.com/246635 http://crbug.com/248960 http://crbug.com/249064 http://crbug.com/249854 http://crbug.com/252848 http://crbug.com/254159 http://crbug.com/261609 http://googlechrome •
CVSS: 7.5EPSS: 1%CPEs: 53EXPL: 0CVE-2013-2900
https://notcve.org/view.php?id=CVE-2013-2900
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punto) y espacios en blanco, lo que permite a atacantes remotos realizar ataques transversales de directorio a través de un nombre de directorio manipulado. • http://crbug.com/181617 http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html http://www.debian.org/security/2013/dsa-2741 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18381 https://src.chromium.org/viewvc/chrome?revision=200603&view=revision • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2881
https://notcve.org/view.php?id=CVE-2013-2881
Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Google Chrome anterior a 28.0.1500.95, no maneja adecuadamente frames, lo que permite a atacantes remotos evitar la Same Origyn Policy a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=257748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17348 https://src.chromium.org/viewvc/blink?revision=153929&view=revision • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 72EXPL: 0CVE-2013-2882 – v8: remote DoS or unspecified other impact via type confusion
https://notcve.org/view.php?id=CVE-2013-2882
Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, usado en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores que aprovechan "la confusión de tipos". • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://rhn.redhat.com/errata/RHSA-2013-1201.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=260106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17329 https://access.redhat.com/security/cve/CVE-2013-2882 https://bugzilla.redhat.com/show_bug.cgi?id=991116 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2883
https://notcve.org/view.php?id=CVE-2013-2883
Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionados con la eliminación del registro de un objeto MutationObserver. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=260165 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17525 https://src.chromium.org/viewvc/blink?revision=154264&view=revision • CWE-399: Resource Management Errors •