Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-6656 | 5.0 |
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, whi
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6653 | 7.5 |
Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6660 | 5.0 |
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site.
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6654 | 7.5 |
The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of servi
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6661 | 7.5 |
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6659 | 6.4 |
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to tri
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6655 | 7.5 |
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM event
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6657 | 6.4 |
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Or
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6658 | 7.5 |
Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) runn
|
01-04-2014 - 06:26 | 24-02-2014 - 04:48 | |
CVE-2013-6652 | 7.5 |
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks
|
24-02-2014 - 19:20 | 24-02-2014 - 04:48 |