#VU41969 Input validation error in Google Chrome - CVE-2013-6667


| Updated: 2020-08-10

Vulnerability identifier: #VU41969

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2013-6667

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Google Chrome
Client/Desktop applications / Web browsers

Vendor: Google

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.146 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Google Chrome: 33.0.1750.0 - 33.0.1750.136

External links
https://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html
https://www.debian.org/security/2014/dsa-2883
https://www.securityfocus.com/bid/65930
https://code.google.com/p/chromium/issues/detail?id=329006
https://code.google.com/p/chromium/issues/detail?id=332947
https://code.google.com/p/chromium/issues/detail?id=333279
https://code.google.com/p/chromium/issues/detail?id=333280
https://code.google.com/p/chromium/issues/detail?id=339667
https://code.google.com/p/chromium/issues/detail?id=341060
https://code.google.com/p/chromium/issues/detail?id=341063
https://code.google.com/p/chromium/issues/detail?id=341068
https://code.google.com/p/chromium/issues/detail?id=343265
https://code.google.com/p/chromium/issues/detail?id=343964
https://code.google.com/p/chromium/issues/detail?id=344186
https://code.google.com/p/chromium/issues/detail?id=344887
https://code.google.com/p/chromium/issues/detail?id=345959
https://code.google.com/p/chromium/issues/detail?id=347302
https://code.google.com/p/chromium/issues/detail?id=347909
https://code.google.com/p/chromium/issues/detail?id=348175

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Chrome