CVSS: 5.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2881
https://notcve.org/view.php?id=CVE-2013-2881
Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Google Chrome anterior a 28.0.1500.95, no maneja adecuadamente frames, lo que permite a atacantes remotos evitar la Same Origyn Policy a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=257748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17348 https://src.chromium.org/viewvc/blink?revision=153929&view=revision • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2884
https://notcve.org/view.php?id=CVE-2013-2884
Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. Vulnerabilidad de uso después de liberación en la implementación DOM en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionado con un seguimiento inadecuado de documentos que poseen un objeto Attr. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=248950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17597 https://src.chromium.org/viewvc/blink?revision=152938&view=revision • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 70EXPL: 0CVE-2013-2885
https://notcve.org/view.php?id=CVE-2013-2885
Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type. Vulnerabilidad de uso después de liberación en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio o posiblemente causar otro impacto a través de vectores relacionados que no consideran adecuadamente el foco durante el procesado de los eventos JavaScript en presencia de formularios con múltiples campos. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://chromium.googlesource.com/chromium/blink/+/7a7ea525c912f6e59aa3e915e7f2cf140c077a49 https://chromium.googlesource.com/chromium/blink/+/dd13a061c49579e40f381b2dc9409fb0a920ec19%5E https://code.google.com/p/chromium/issues/detail?id=249640 https://code.google.com/p/chromium/issues/detail?id=257353 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17672 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2867
https://notcve.org/view.php?id=CVE-2013-2867
Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. Google Chrome anterior a 28.0.1500.71 no previene adecuadamente las ventanas pop-under, lo que permite a atacantes remotos provocar un impacto no especificado a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=252216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17216 •
CVSS: 4.3EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2874
https://notcve.org/view.php?id=CVE-2013-2874
Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures. Google Chrome anterior a v28.0.1500.71 en Windows, cuando se utiliza una GPU Nvidia, permite a atacantes remotos eludir las restricciones en el acceso a los datos de la pantalla a través de vectores relacionados con la transmisión IPC de texturas GL. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=237611 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17142 • CWE-264: Permissions, Privileges, and Access Controls •