CVE-2013-6636

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-6636
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=322959
https://src.chromium.org/viewvc/blink?revision=162673&view=revision Patch
http://www.debian.org/security/2013/dsa-2811
http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
http://www.securitytracker.com/id/1029442
http://secunia.com/advisories/56217
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.48:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.58:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.47:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:31.0.1650.49:*:*:*:*:*:*:*
Information

Published : 2013-12-06 16:55

Updated : 2014-03-05 20:49

NVD link : CVE-2013-6636

Mitre link : CVE-2013-6636

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

google

  • chrome