CVE-2013-6631

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.

References

http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html

http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

http://www.debian.org/security/2013/dsa-2799

https://code.google.com/p/chromium/issues/detail?id=296804

https://code.google.com/p/webrtc/source/detail?r=4827

https://webrtc-codereview.appspot.com/2275008

Details

Source: MITRE

Published: 2013-11-19

Updated: 2014-03-06

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 31.0.1650.47 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
75366openSUSE Security Update : chromium (openSUSE-SU-2014:0065-1)NessusSuSE Local Security Checks
critical
75225openSUSE Security Update : chromium (openSUSE-SU-2013:1861-1)NessusSuSE Local Security Checks
critical
75213openSUSE Security Update : chromium (openSUSE-SU-2013:1777-1)NessusSuSE Local Security Checks
critical
75212openSUSE Security Update : chromium (openSUSE-SU-2013:1776-1)NessusSuSE Local Security Checks
critical
8059Google Chrome < 31.0.1650.48 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
801611Google Chrome < 31.0.1650.48 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
70986Debian DSA-2799-1 : chromium-browser - several vulnerabilitiesNessusDebian Local Security Checks
critical
70917Google Chrome < 31.0.1650.48 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
70916Google Chrome < 31.0.1650.48 Multiple VulnerabilitiesNessusWindows
critical
70865FreeBSD : chromium -- multiple vulnerabilities (3bfc7016-4bcc-11e3-b0cf-00262d5ed8ee)NessusFreeBSD Local Security Checks
critical