CVE-2013-0924

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-0924
The extension functionality in Google Chrome before 26.0.1410.43 does not verify that use of the permissions API is consistent with file permissions, which has unspecified impact and attack vectors.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=169632 Patch Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16674
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.40:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.31:*:*:*:*:*:*:*
Information

Published : 2013-03-28 05:18

Updated : 2017-09-18 18:35

NVD link : CVE-2013-0924

Mitre link : CVE-2013-0924

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

google

  • chrome