CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0CVE-2013-2884
https://notcve.org/view.php?id=CVE-2013-2884
Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. Vulnerabilidad de uso después de liberación en la implementación DOM en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores relacionado con un seguimiento inadecuado de documentos que poseen un objeto Attr. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=248950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17597 https://src.chromium.org/viewvc/blink?revision=152938&view=revision • CWE-399: Resource Management Errors •
CVSS: 5.8EPSS: 0%CPEs: 70EXPL: 0CVE-2013-2881
https://notcve.org/view.php?id=CVE-2013-2881
Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Google Chrome anterior a 28.0.1500.95, no maneja adecuadamente frames, lo que permite a atacantes remotos evitar la Same Origyn Policy a través de un sitio web manipulado. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=257748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17348 https://src.chromium.org/viewvc/blink?revision=153929&view=revision • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 72EXPL: 0CVE-2013-2882 – v8: remote DoS or unspecified other impact via type confusion
https://notcve.org/view.php?id=CVE-2013-2882
Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, usado en Google Chrome anterior a 28.0.1500.95, permite a atacantes remotos provocar una denegación de servicio y causar otro tipo de impacto a través de vectores que aprovechan "la confusión de tipos". • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html http://rhn.redhat.com/errata/RHSA-2013-1201.html http://www.debian.org/security/2013/dsa-2732 https://code.google.com/p/chromium/issues/detail?id=260106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17329 https://access.redhat.com/security/cve/CVE-2013-2882 https://bugzilla.redhat.com/show_bug.cgi?id=991116 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2876
https://notcve.org/view.php?id=CVE-2013-2876
browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. browser/extensions/api/tabs/tabs_api.cc en Google Chrome anterior 28.0.1500.71 no refuerza adecuadamente las restricciones en las capturas de pantalla a través de extensiones, lo que permite a atacantes remotos la obtención de de información sensible sobre el contenido de una página anterior a través de vectores que involucran a una página intercalada. • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=229504 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17350 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2870
https://notcve.org/view.php?id=CVE-2013-2870
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. Vulnerabilidad usar despues de liberar en Google Chrome anterior a v28.0.1500.71 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta especialmente diseñada despues de una solicitud URL. • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=2b0ff6d8a832f4fe5c187b17342b56675fbf7b96 http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=5449227016f44d7c023b28a697ada40064c681a6 http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=242762 https://code.google.com/p/chromium/issues/detail?id=244746 https://oval.cisecurity.org/repository/search/definition • CWE-399: Resource Management Errors •