Vulnerability Details : CVE-2013-6661
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.
Exploit prediction scoring system (EPSS) score for CVE-2013-6661
Probability of exploitation activity in the next 30 days: 0.97%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-6661
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2013-6661
-
http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html
openSUSE-SU-2014:0327-1: moderate: chromium: update to 33.0.1750.117 sec
-
https://code.google.com/p/chromium/issues/detail?id=344876
344876 - Tracking bug for internal security fixes for Chrome 33, Release 0 - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=333885
333885 - Stack-use-after-return in _mesa_optimize_program - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=330750
330750 - ASSERTION FAILED: obj->isRenderInline() || obj == this, UNKNOWN in WebCore::RenderBlockFlow::createLineBoxes - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=294687
294687 - Heap-use-after-free in task_manager::ExtensionProcessResource::GetProfileName - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=314088
314088 - Use-after-free in content::WebPluginDelegateStub::~WebPluginDelegateStub - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=330222
330222 - UNKNOWN in TIntermSymbol::TIntermSymbol - chromium - Monorail
-
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://code.google.com/p/chromium/issues/detail?id=313005
313005 - Heap-use-after-free in WebCore::Element::focus - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=338561
338561 - Heap-use-after-free in content::MediaStreamManager::FinalizeEnumerateDevices - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=326860
326860 - Heap-use-after-free in WebCore::RenderBlockFlow::determineStartPosition - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=339337
339337 - Use RefPtr in PageWidgetDelegate and guard RenderView - chromium - Monorail
-
http://www.debian.org/security/2014/dsa-2883
Debian -- Security Information -- DSA-2883-1 chromium-browser
-
https://code.google.com/p/chromium/issues/detail?id=341220
341220 - Chrome_ChromeOS: Crash Report - WebCore::KURL::init - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=324812
324812 - Security: leaking the raw global object when passing callbacks between contexts - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=312016
312016 - ViewHostMsg_CreateWindow: next route_id can be taken from the wrong process - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=332957
332957 - PartialCircularBuffer is unsafe to use across security boundaries - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=328620
328620 - The GPU sandbox sometimes call InitializeSandbox() with threads appearing running. - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=338532
338532 - UNKNOWN in /usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x6441f - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=329651
329651 - UAF: Utterance should not keep a raw pointer to TtsMessageFilter - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=338464
338464 - UaF of ColorChooserAura - chromium - Monorail
-
https://code.google.com/p/chromium/issues/detail?id=334274
334274 - Security: Sandbox escape due to vector length mismatch in IndexedDBHostMsg_DatabasePut IPC message - chromium - Monorail
Products affected by CVE-2013-6661
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*