CVSS: 7.5EPSS: 0%CPEs: 42EXPL: 0CVE-2013-0925
https://notcve.org/view.php?id=CVE-2013-0925
Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs (aka APIPermission::kTab) permission before providing a URL to this extension, which has unspecified impact and remote attack vectors. Google Chrome versiones anteriores a v26.0.1410.43 no garantiza que una extensión tenga el permiso de pestaña (especificado por APIPermission::kTab) antes de proporcionar una URL a esta extensión, provocando un impacto y vectores de ataque remotos no especificados. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html https://code.google.com/p/chromium/issues/detail?id=168442 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16363 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 42EXPL: 0CVE-2013-0920
https://notcve.org/view.php?id=CVE-2013-0920
Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de usar-después-de-liberar en el API de la extensión de marcadores en Google Chrome versiones anteriores a v26.0.1410.43 permite a atacantes remotos provocar una denegación de servicio o probablemente tener otro impacto no especificado mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html https://code.google.com/p/chromium/issues/detail?id=177410 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16552 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 1%CPEs: 42EXPL: 0CVE-2013-0923
https://notcve.org/view.php?id=CVE-2013-0923
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. El API de USB Apps en Google Chrome versiones anteriores a v26.0.1410.43 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante vectores no especificados. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html https://code.google.com/p/chromium/issues/detail?id=169765 https://code.google.com/p/chromium/issues/detail?id=169972 https://code.google.com/p/chromium/issues/detail?id=169981 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2013-0919
https://notcve.org/view.php?id=CVE-2013-0919
Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the presence of an extension that creates a pop-up window. Vulnerabilidad de usar-después-de-liberar en Google Chrome versiones anteriores a v26.0.1410.43 para Linux permite a atacantes remotos provocar una denegación de servicio o probablemente tener otro impacto no especificado al aprovechar la presencia de una extensión que crea una ventana emergente. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html https://code.google.com/p/chromium/issues/detail?id=178760 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 1%CPEs: 42EXPL: 0CVE-2013-0926
https://notcve.org/view.php?id=CVE-2013-0926
Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site. Google Chrome versiones anteriores a v26.0.1410.43 no maneja adecuadamente el contenido activo en un elemento EMBED durante una operación de copiar-y-pegar, permitiendo a atacantes remotos tener un impacto no especificado mediante un sitio web especialmente modificado. • http://git.chromium.org/gitweb/?p=chromium/src.git%3Ba=commit%3Bh=52a30db57ecec68bb3b25fdc3de5e9bee7b80ed7 http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5785 http://support.apple.com/kb/HT5934 https://chromiumcodereview.appspot.com/11884025 https://code.goog • CWE-20: Improper Input Validation •