CVE-2013-2856
high
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
7.5
Description
Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
Debian Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 8.0 | Affected | โ |
| 7.0 | Affected | โ |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| chrome | {"endIncluding":"27.0.1453.109"} | | |
| chrome | 27.0.1453.0 | | |
| chrome | 27.0.1453.1 | | |
| chrome | 27.0.1453.2 | | |
| chrome | 27.0.1453.3 | | |
| chrome | 27.0.1453.4 | | |
| chrome | 27.0.1453.5 | | |
| chrome | 27.0.1453.6 | | |
| chrome | 27.0.1453.7 | | |
| chrome | 27.0.1453.8 | | |
| chrome | 27.0.1453.9 | | |
| chrome | 27.0.1453.10 | | |
| chrome | 27.0.1453.11 | | |
| chrome | 27.0.1453.12 | | |
| chrome | 27.0.1453.13 | | |
| chrome | 27.0.1453.15 | | |
| chrome | 27.0.1453.34 | | |
| chrome | 27.0.1453.35 | | |
| chrome | 27.0.1453.36 | | |
| chrome | 27.0.1453.37 | | |
| chrome | 27.0.1453.38 | | |
| chrome | 27.0.1453.39 | | |
| chrome | 27.0.1453.40 | | |
| chrome | 27.0.1453.41 | | |
| chrome | 27.0.1453.42 | | |
| chrome | 27.0.1453.43 | | |
| chrome | 27.0.1453.44 | | |
| chrome | 27.0.1453.45 | | |
| chrome | 27.0.1453.46 | | |
| chrome | 27.0.1453.47 | | |
| chrome | 27.0.1453.49 | | |
| chrome | 27.0.1453.50 | | |
| chrome | 27.0.1453.51 | | |
| chrome | 27.0.1453.52 | | |
| chrome | 27.0.1453.54 | | |
| chrome | 27.0.1453.55 | | |
| chrome | 27.0.1453.56 | | |
| chrome | 27.0.1453.57 | | |
| chrome | 27.0.1453.58 | | |
| chrome | 27.0.1453.59 | | |
| chrome | 27.0.1453.60 | | |
| chrome | 27.0.1453.61 | | |
| chrome | 27.0.1453.62 | | |
| chrome | 27.0.1453.63 | | |
| chrome | 27.0.1453.64 | | |
| chrome | 27.0.1453.65 | | |
| chrome | 27.0.1453.66 | | |
| chrome | 27.0.1453.67 | | |
| chrome | 27.0.1453.68 | | |
| chrome | 27.0.1453.69 | | |
| chrome | 27.0.1453.70 | | |
| chrome | 27.0.1453.71 | | |
| chrome | 27.0.1453.72 | | |
| chrome | 27.0.1453.73 | | |
| chrome | 27.0.1453.74 | | |
| chrome | 27.0.1453.75 | | |
| chrome | 27.0.1453.76 | | |
| chrome | 27.0.1453.77 | | |
| chrome | 27.0.1453.78 | | |
| chrome | 27.0.1453.79 | | |
| chrome | 27.0.1453.80 | | |
| chrome | 27.0.1453.81 | | |
| chrome | 27.0.1453.82 | | |
| chrome | 27.0.1453.83 | | |
| chrome | 27.0.1453.84 | | |
| chrome | 27.0.1453.85 | | |
| chrome | 27.0.1453.86 | | |
| chrome | 27.0.1453.87 | | |
| chrome | 27.0.1453.88 | | |
| chrome | 27.0.1453.89 | | |
| chrome | 27.0.1453.90 | | |
| chrome | 27.0.1453.91 | | |
| chrome | 27.0.1453.93 | | |
| chrome | 27.0.1453.94 | | |
| chrome | 27.0.1453.102 | | |
| chrome | 27.0.1453.103 | | |
| chrome | 27.0.1453.104 | | |
| chrome | 27.0.1453.105 | | |
| chrome | 27.0.1453.106 | | |
| chrome | 27.0.1453.107 | | |
| chrome | 27.0.1453.108 | |
References
- http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
- http://www.debian.org/security/2013/dsa-2706
- https://code.google.com/p/chromium/issues/detail?id=242224
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16811
- http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
- http://www.debian.org/security/2013/dsa-2706
- https://code.google.com/p/chromium/issues/detail?id=242224
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16811
CWEs
CWE-416
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.