CVE-2013-6661 : Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protect

Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.

Published 2014-02-24 04:48:10

Updated 2014-04-01 06:26:55

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2013-6661

Probability of exploitation activity in the next 30 days: 0.97%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-6661

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2013-6661

http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html

openSUSE-SU-2014:0327-1: moderate: chromium: update to 33.0.1750.117 sec

CVEs referencing this url
https://code.google.com/p/chromium/issues/detail?id=344876

344876 - Tracking bug for internal security fixes for Chrome 33, Release 0 - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=333885

333885 - Stack-use-after-return in _mesa_optimize_program - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=330750

330750 - ASSERTION FAILED: obj->isRenderInline() || obj == this, UNKNOWN in WebCore::RenderBlockFlow::createLineBoxes - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=294687

294687 - Heap-use-after-free in task_manager::ExtensionProcessResource::GetProfileName - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=314088

314088 - Use-after-free in content::WebPluginDelegateStub::~WebPluginDelegateStub - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=330222

330222 - UNKNOWN in TIntermSymbol::TIntermSymbol - chromium - Monorail
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html

Chrome Releases: Stable Channel Update
Vendor Advisory

CVEs referencing this url
https://code.google.com/p/chromium/issues/detail?id=313005

313005 - Heap-use-after-free in WebCore::Element::focus - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=338561

338561 - Heap-use-after-free in content::MediaStreamManager::FinalizeEnumerateDevices - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=326860

326860 - Heap-use-after-free in WebCore::RenderBlockFlow::determineStartPosition - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=339337

339337 - Use RefPtr in PageWidgetDelegate and guard RenderView - chromium - Monorail
http://www.debian.org/security/2014/dsa-2883

Debian -- Security Information -- DSA-2883-1 chromium-browser

CVEs referencing this url
https://code.google.com/p/chromium/issues/detail?id=341220

341220 - Chrome_ChromeOS: Crash Report - WebCore::KURL::init - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=324812

324812 - Security: leaking the raw global object when passing callbacks between contexts - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=312016

312016 - ViewHostMsg_CreateWindow: next route_id can be taken from the wrong process - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=332957

332957 - PartialCircularBuffer is unsafe to use across security boundaries - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=328620

328620 - The GPU sandbox sometimes call InitializeSandbox() with threads appearing running. - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=338532

338532 - UNKNOWN in /usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x6441f - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=329651

329651 - UAF: Utterance should not keep a raw pointer to TtsMessageFilter - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=338464

338464 - UaF of ColorChooserAura - chromium - Monorail
https://code.google.com/p/chromium/issues/detail?id=334274

334274 - Security: Sandbox escape due to vector length mismatch in IndexedDBHostMsg_DatabasePut IPC message - chromium - Monorail

Products affected by CVE-2013-6661

Google » Chrome
Versions up to, including, (<=) 33.0.1750.116
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.113
cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.112
cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.104
cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.93
cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.83
cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.82
cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.73
cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.71
cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.64
cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.63
cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.56
cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.55
cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.47
cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.46
cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.39
cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.38
cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.29
cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.28
cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.27
cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.20
cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.19
cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.11
cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.10
cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.2
cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.1
cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.115
cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.107
cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.106
cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.88
cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.85
cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.75
cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.74
cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.66
cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.65
cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.58
cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.57
cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.49
cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.48
cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.41
cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.40
cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.31
cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.30
cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.22
cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.21
cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.13
cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.12
cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.5
cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.4
cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.3
cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.109
cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.108
cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.90
cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.89
cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.79
cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.77
cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.76
cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.68
cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.67
cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.60
cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.59
cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.51
cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.50
cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.43
cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.42
cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.35
cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.34
cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.24
cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.23
cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.15
cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.14
cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.7
cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.6
cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.111
cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.110
cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.92
cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.91
cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.81
cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.80
cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.70
cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.69
cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.62
cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.61
cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.54
cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.53
cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.52
cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.45
cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.44
cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.37
cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.36
cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.26
cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.25
cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.18
cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.16
cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.9
cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.8
cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*
Matching versions
Google » Chrome » Version: 33.0.1750.0
cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-6661

Exploit prediction scoring system (EPSS) score for CVE-2013-6661

CVSS scores for CVE-2013-6661

References for CVE-2013-6661

Products affected by CVE-2013-6661