CVE-2013-6632
Advisory lineage Upstream: 0 Downstream: 4
Modified
Published: 16 Nov 2013, 15:00
Last modified:06 Aug 2024, 17:46
Vulnerability Summary
Overall Risk (default)
high
70/100 CVSS Score
9.3 HIGH
v2.0 (nvd)
EPSS Score
13.22% MEDIUM
13% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
16 Nov 2013, 15:00
Published
Vulnerability first disclosed
06 Aug 2024, 17:46
Last Modified
Vulnerability information updated
Description
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
CVSS Metrics
- v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Trends
Current EPSS score: 13.22%• Percentile: 94%
Techniques & Countermeasures
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- debian•debian_linux
7.0 | 8.0
- google•chrome
< 31.0.1650.57
References (10)
- https://code.google.com/p/chromium/issues/detail?id=319125
- http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
- http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
- http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
- https://code.google.com/p/chromium/issues/detail?id=319117
- http://www.debian.org/security/2013/dsa-2799
- http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html