| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2877 | 5.0 |
parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for
|
09-10-2018 - 19:34 | 10-07-2013 - 10:55 | |
| CVE-2013-2871 | 7.5 |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2868 | 5.0 |
common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension change
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2880 | 7.5 |
Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2873 | 7.5 |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2878 | 5.0 |
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2869 | 4.3 |
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2853 | 6.8 |
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vec
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2879 | 5.8 |
Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2875 | 5.0 |
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2870 | 9.3 |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2867 | 7.5 |
Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site.
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 | |
| CVE-2013-2876 | 5.0 |
browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a prev
|
19-09-2017 - 01:36 | 10-07-2013 - 10:55 |