Main Vulnerability Database Vulnerabilities #VU42945

Permissions, Privileges, and Access Controls in Google Chrome - CVE-2013-0921

Published: March 28, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU42945

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-0921

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The Isolated Sites feature in Google Chrome before 26.0.1410.43 does not properly enforce the use of separate processes, which makes it easier for remote attackers to bypass intended access restrictions via a crafted web site.

How to mitigate CVE-2013-0921

Install update from vendor's website.

Sources

http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html
https://code.google.com/p/chromium/issues/detail?id=174943
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16670

Permissions, Privileges, and Access Controls in Google Chrome - CVE-2013-0921

Detailed vulnerability description

How to mitigate CVE-2013-0921

Sources

Please verify you're human