CVE-2013-6650

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."

References

http://crbug.com/331444

http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html

http://www.debian.org/security/2014/dsa-2862

https://code.google.com/p/v8/source/detail?r=18483

Details

Source: MITRE

Published: 2014-01-28

Updated: 2018-10-30

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:google:chrome:32.0.1700.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.13:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.15:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.26:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.55:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.58:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.62:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.63:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.65:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.66:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.67:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.70:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.72:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.75:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.76:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.94:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.95:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.96:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.97:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.98:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.99:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:32.0.1700.100:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 32.0.1700.101 (inclusive)

Configuration 3

OR

cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
75257openSUSE Security Update : chromium (openSUSE-SU-2014:0243-1)NessusSuSE Local Security Checks
high
72890Fedora 19 : v8-3.14.5.10-6.fc19 (2014-3253)NessusFedora Local Security Checks
high
72889Fedora 20 : v8-3.14.5.10-6.fc20 (2014-3222)NessusFedora Local Security Checks
high
72851GLSA-201403-01 : Chromium, V8: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
72538Debian DSA-2862-1 : chromium-browser - several vulnerabilitiesNessusDebian Local Security Checks
high
8102Google Chrome < 32.0.1700.102 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
72168Google Chrome < 32.0.1700.102 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
72167Google Chrome < 32.0.1700.102 Multiple VulnerabilitiesNessusWindows
critical
72157FreeBSD : chromium -- multiple vulnerabilities (f9810c43-87a5-11e3-9214-00262d5ed8ee)NessusFreeBSD Local Security Checks
high
801616Google Chrome < 32.0.1700.102 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high