CVE-2013-6649

Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://crbug.com/330420	Exploit
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html	Third Party Advisory
http://www.debian.org/security/2014/dsa-2862	Third Party Advisory
https://src.chromium.org/viewvc/blink?revision=164536&view=revision
http://crbug.com/330420	Exploit
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html	Third Party Advisory
http://www.debian.org/security/2014/dsa-2862	Third Party Advisory
https://src.chromium.org/viewvc/blink?revision=164536&view=revision

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:32.0.1700.0:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.2:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.3:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.4:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.5:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.6:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.7:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.8:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.9:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.10:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.11:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.12:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.13:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.14:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.15:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.16:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.17:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.18:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.19:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.21:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.22:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.23:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.24:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.26:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.27:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.28:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.29:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.30:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.31:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.32:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.33:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.34:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.35:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.38:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.39:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.41:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.50:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.51:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.52:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.53:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.54:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.55:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.56:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.57:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.58:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.59:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.62:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.63:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.64:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.65:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.66:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.67:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.68:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.69:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.70:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.71:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.72:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.74:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.75:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.76:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.77:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.94:::::::*
	cpe:2.3:a:google:chrome:32.0.1700.95:::::::*
cpe:2.3:a:google:chrome:32.0.1700.96:::::::*
cpe:2.3:a:google:chrome:32.0.1700.97:::::::*
cpe:2.3:a:google:chrome:32.0.1700.98:::::::*
cpe:2.3:a:google:chrome:32.0.1700.99:::::::*
cpe:2.3:a:google:chrome:32.0.1700.100:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*

History

21 Nov 2024, 01:59

Type	Values Removed	Values Added
References	~~() http://crbug.com/330420 - Exploit~~	() http://crbug.com/330420 - Exploit
References	~~() http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html - Vendor Advisory~~	() http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html - Vendor Advisory
References	~~() http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html - Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html - Third Party Advisory
References	~~() http://www.debian.org/security/2014/dsa-2862 - Third Party Advisory~~	() http://www.debian.org/security/2014/dsa-2862 - Third Party Advisory
References	~~() https://src.chromium.org/viewvc/blink?revision=164536&view=revision -~~	() https://src.chromium.org/viewvc/blink?revision=164536&view=revision -

Information

Published : 2014-01-28 14:30

Updated : 2024-11-21 01:59

NVD link : CVE-2013-6649

Mitre link : CVE-2013-6649

CVE.ORG link : CVE-2013-6649

JSON object : View

Products Affected

google

chrome

debian

debian_linux

opensuse

opensuse

CWE

CWE-399

Resource Management Errors

7.5 /10