CVE-2013-2872

MEDIUM

Description

Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors.

References

http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=5e3678ea33ab00b5977bde219cd9ec6f1768d78a

http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html

https://code.google.com/p/chromium/issues/detail?id=242702

Details

Source: MITRE

Published: 2013-07-10

Updated: 2013-07-10

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Tenable Plugins

View all (4 total)

ID	Name	Product	Family	Severity
801411	Google Chrome < 28.0.1500.71 Multiple Security Vulnerabilities	Log Correlation Engine	Web Clients	high
67237	FreeBSD : chromium -- multiple vulnerabilities (3b80104f-e96c-11e2-8bac-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high
6920	Google Chrome < 28.0.1500.71 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
67232	Google Chrome < 28.0.1500.71 Multiple Vulnerabilities	Nessus	Windows	medium