CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2876
https://notcve.org/view.php?id=CVE-2013-2876
browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. browser/extensions/api/tabs/tabs_api.cc en Google Chrome anterior 28.0.1500.71 no refuerza adecuadamente las restricciones en las capturas de pantalla a través de extensiones, lo que permite a atacantes remotos la obtención de de información sensible sobre el contenido de una página anterior a través de vectores que involucran a una página intercalada. • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=229504 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17350 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2870
https://notcve.org/view.php?id=CVE-2013-2870
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. Vulnerabilidad usar despues de liberar en Google Chrome anterior a v28.0.1500.71 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta especialmente diseñada despues de una solicitud URL. • http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=2b0ff6d8a832f4fe5c187b17342b56675fbf7b96 http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=5449227016f44d7c023b28a697ada40064c681a6 http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=242762 https://code.google.com/p/chromium/issues/detail?id=244746 https://oval.cisecurity.org/repository/search/definition • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 63EXPL: 0CVE-2013-2880
https://notcve.org/view.php?id=CVE-2013-2880
Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades sin especificar en Google Chrome anterior a 28.0.1500.71, permite a atacantes provocar una denegación de servicio u otro impacto a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=160450 https://code.google.com/p/chromium/issues/detail?id=167924 https://code.google.com/p/chromium/issues/detail?id=173688 https://code.google.com/p/chromium/issues/detail?id=176027 https://code.google.com/p/chromium/issues/detail? •
CVSS: 5.0EPSS: 2%CPEs: 63EXPL: 0CVE-2013-2875
https://notcve.org/view.php?id=CVE-2013-2875
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. core/rendering/svg/SVGInlineTextBox.cpp en la implementación de SVG en Blink, utilizado en Google Chrome anterior a 28.0.1500.71, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://src.chromium.org/viewvc/blink?revision=150456&view=revision http://support.apple.com/kb/HT6254 http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=233848 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 64EXPL: 0CVE-2013-2874
https://notcve.org/view.php?id=CVE-2013-2874
Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures. Google Chrome anterior a v28.0.1500.71 en Windows, cuando se utiliza una GPU Nvidia, permite a atacantes remotos eludir las restricciones en el acceso a los datos de la pantalla a través de vectores relacionados con la transmisión IPC de texturas GL. • http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=237611 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17142 • CWE-264: Permissions, Privileges, and Access Controls •