CVE-2013-6663
Vulnerability Summary
Timeline
Description
Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view.
CVSS Metrics
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 2.05%• Percentile: 84%
Techniques & Countermeasures
- CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- google•chrome
≤ 33.0.1750.144 | 33.0.1750.0 | 33.0.1750.1 | 33.0.1750.2 | 33.0.1750.3 | 33.0.1750.4 | 33.0.1750.5 | 33.0.1750.6 | 33.0.1750.7 | 33.0.1750.8 | 33.0.1750.9 | 33.0.1750.10 | 33.0.1750.11 | 33.0.1750.12 | 33.0.1750.13 | 33.0.1750.14 | 33.0.1750.15 | 33.0.1750.16 | 33.0.1750.18 | 33.0.1750.19 | 33.0.1750.20 | 33.0.1750.21 | 33.0.1750.22 | 33.0.1750.23 | 33.0.1750.24 | 33.0.1750.25 | 33.0.1750.26 | 33.0.1750.27 | 33.0.1750.28 | 33.0.1750.29 | 33.0.1750.30 | 33.0.1750.31 | 33.0.1750.34 | 33.0.1750.35 | 33.0.1750.36 | 33.0.1750.37 | 33.0.1750.38 | 33.0.1750.39 | 33.0.1750.40 | 33.0.1750.41 | 33.0.1750.42 | 33.0.1750.43 | 33.0.1750.44 | 33.0.1750.45 | 33.0.1750.46 | 33.0.1750.47 | 33.0.1750.48 | 33.0.1750.49 | 33.0.1750.50 | 33.0.1750.51 | 33.0.1750.52 | 33.0.1750.53 | 33.0.1750.54 | 33.0.1750.55 | 33.0.1750.56 | 33.0.1750.57 | 33.0.1750.58 | 33.0.1750.59 | 33.0.1750.60 | 33.0.1750.61 | 33.0.1750.62 | 33.0.1750.63 | 33.0.1750.64 | 33.0.1750.65 | 33.0.1750.66 | 33.0.1750.67 | 33.0.1750.68 | 33.0.1750.69 | 33.0.1750.70 | 33.0.1750.71 | 33.0.1750.73 | 33.0.1750.74 | 33.0.1750.75 | 33.0.1750.76 | 33.0.1750.77 | 33.0.1750.79 | 33.0.1750.80 | 33.0.1750.81 | 33.0.1750.82 | 33.0.1750.83 | 33.0.1750.85 | 33.0.1750.88 | 33.0.1750.89 | 33.0.1750.90 | 33.0.1750.91 | 33.0.1750.92 | 33.0.1750.93 | 33.0.1750.104 | 33.0.1750.106 | 33.0.1750.107 | 33.0.1750.108 | 33.0.1750.109 | 33.0.1750.110 | 33.0.1750.111 | 33.0.1750.112 | 33.0.1750.113 | 33.0.1750.115 | 33.0.1750.116 | 33.0.1750.117 | 33.0.1750.124 | 33.0.1750.125 | 33.0.1750.126 | 33.0.1750.132 | 33.0.1750.133 | 33.0.1750.135 | 33.0.1750.136
References (13)
- http://www.securityfocus.com/bid/65930
- http://www.debian.org/security/2014/dsa-2883
- http://support.apple.com/kb/HT6441
- https://support.apple.com/kb/HT6537
- http://support.apple.com/kb/HT6442
- http://secunia.com/advisories/61318
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
- http://support.apple.com/kb/HT6440
- http://secunia.com/advisories/61306
- https://code.google.com/p/chromium/issues/detail?id=344492
- https://src.chromium.org/viewvc/blink?revision=168152&view=revision