Main Vulnerability Database Vulnerabilities #VU43069

Permissions, Privileges, and Access Controls in Opensuse - CVE-2013-0885

Published: February 23, 2013 / Updated: August 11, 2020

Vulnerability identifier: #VU43069

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-0885

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: SUSE

Affected software:
Opensuse

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.

How to mitigate CVE-2013-0885

Install update from vendor's website.

Sources

http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html
https://code.google.com/p/chromium/issues/detail?id=172369
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16255

Permissions, Privileges, and Access Controls in Opensuse - CVE-2013-0885

Detailed vulnerability description

How to mitigate CVE-2013-0885

Sources

Please verify you're human