Multiple vulnerabilities in Chrome
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2013-6634 CVE-2013-6635 CVE-2013-6636 CVE-2013-6637 |
| CWE-ID | CWE-287 CWE-416 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Google Chrome Client/Desktop applications / Web browsers |
| Vendor |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Improper Authentication
EUVDB-ID: #VU42294
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6634
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper sync after a 302 (aka Found) HTTP status code.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 31.0.1650.0 - 31.0.1650.61
CPE2.3- cpe:2.3:a:google:google_chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.3:*:*:*:*:*:*:*
https://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
https://secunia.com/advisories/56217
https://www.debian.org/security/2013/dsa-2811
https://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=307159
https://src.chromium.org/viewvc/chrome?revision=236563&view=revision
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU42295
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6635
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. A remote attackers can cause a denial of service or possibly have unspecified other impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 31.0.1650.0 - 31.0.1650.61
CPE2.3- cpe:2.3:a:google:google_chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.3:*:*:*:*:*:*:*
https://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
https://secunia.com/advisories/56217
https://support.apple.com/kb/HT6145
https://support.apple.com/kb/HT6162
https://support.apple.com/kb/HT6163
https://www.debian.org/security/2013/dsa-2811
https://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=314469
https://src.chromium.org/viewvc/blink?revision=161598&view=revision
https://support.apple.com/kb/HT6537
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU42296
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6636
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 31.0.1650.0 - 31.0.1650.61
CPE2.3- cpe:2.3:a:google:google_chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.3:*:*:*:*:*:*:*
https://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
https://secunia.com/advisories/56217
https://www.debian.org/security/2013/dsa-2811
https://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=322959
https://src.chromium.org/viewvc/blink?revision=162673&view=revision
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU42297
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6637
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsGoogle Chrome: 31.0.1650.0 - 31.0.1650.61
CPE2.3- cpe:2.3:a:google:google_chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:google_chrome:31.0.1650.3:*:*:*:*:*:*:*
https://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
https://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
https://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
https://secunia.com/advisories/56217
https://www.debian.org/security/2013/dsa-2811
https://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=300892
https://code.google.com/p/chromium/issues/detail?id=305904
https://code.google.com/p/chromium/issues/detail?id=308988
https://code.google.com/p/chromium/issues/detail?id=313435
https://code.google.com/p/chromium/issues/detail?id=317999
https://code.google.com/p/chromium/issues/detail?id=319722
https://code.google.com/p/chromium/issues/detail?id=319835
https://code.google.com/p/chromium/issues/detail?id=319860
https://code.google.com/p/chromium/issues/detail?id=319914
https://code.google.com/p/chromium/issues/detail?id=320313
https://code.google.com/p/chromium/issues/detail?id=322554
https://code.google.com/p/chromium/issues/detail?id=325501
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
