CVE-2013-0925

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-0925
Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs (aka APIPermission::kTab) permission before providing a URL to this extension, which has unspecified impact and remote attack vectors.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=168442 Patch Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16363
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:26.0.1410.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.40:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:26.0.1410.41:*:*:*:*:*:*:*
Information

Published : 2013-03-28 05:18

Updated : 2017-09-18 18:35

NVD link : CVE-2013-0925

Mitre link : CVE-2013-0925

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

google

  • chrome