fkie_cve-2013-2834
Vulnerability from fkie_nvd
Published
2013-04-16 20:55
Modified
2024-11-21 01:52
Severity ?
Summary
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2835.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome_os | * | ||
| chrome_os | 26.0.1410.0 | ||
| chrome_os | 26.0.1410.1 | ||
| chrome_os | 26.0.1410.3 | ||
| chrome_os | 26.0.1410.4 | ||
| chrome_os | 26.0.1410.5 | ||
| chrome_os | 26.0.1410.6 | ||
| chrome_os | 26.0.1410.7 | ||
| chrome_os | 26.0.1410.8 | ||
| chrome_os | 26.0.1410.9 | ||
| chrome_os | 26.0.1410.10 | ||
| chrome_os | 26.0.1410.11 | ||
| chrome_os | 26.0.1410.12 | ||
| chrome_os | 26.0.1410.14 | ||
| chrome_os | 26.0.1410.15 | ||
| chrome_os | 26.0.1410.16 | ||
| chrome_os | 26.0.1410.17 | ||
| chrome_os | 26.0.1410.18 | ||
| chrome_os | 26.0.1410.19 | ||
| chrome_os | 26.0.1410.20 | ||
| chrome_os | 26.0.1410.21 | ||
| chrome_os | 26.0.1410.22 | ||
| chrome_os | 26.0.1410.23 | ||
| chrome_os | 26.0.1410.24 | ||
| chrome_os | 26.0.1410.25 | ||
| chrome_os | 26.0.1410.26 | ||
| chrome_os | 26.0.1410.27 | ||
| chrome_os | 26.0.1410.28 | ||
| chrome_os | 26.0.1410.29 | ||
| chrome_os | 26.0.1410.30 | ||
| chrome_os | 26.0.1410.31 | ||
| chrome_os | 26.0.1410.32 | ||
| chrome_os | 26.0.1410.33 | ||
| chrome_os | 26.0.1410.34 | ||
| chrome_os | 26.0.1410.35 | ||
| chrome_os | 26.0.1410.36 | ||
| chrome_os | 26.0.1410.37 | ||
| chrome_os | 26.0.1410.38 | ||
| chrome_os | 26.0.1410.39 | ||
| chrome_os | 26.0.1410.40 | ||
| chrome_os | 26.0.1410.41 | ||
| chrome_os | 26.0.1410.42 | ||
| chrome_os | 26.0.1410.43 | ||
| chrome_os | 26.0.1410.44 | ||
| chrome_os | 26.0.1410.45 | ||
| chrome_os | 26.0.1410.46 | ||
| chrome_os | 26.0.1410.47 | ||
| chrome_os | 26.0.1410.48 | ||
| chrome_os | 26.0.1410.49 | ||
| chrome_os | 26.0.1410.50 | ||
| chrome_os | 26.0.1410.51 | ||
| chrome_os | 26.0.1410.52 | ||
| chrome_os | 26.0.1410.54 | ||
| chrome_os | 26.0.1410.55 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D66E267-A6D0-46A4-B988-DE0A4779CBEC",
"versionEndIncluding": "26.0.1410.56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57C32233-05E6-4847-B25D-1C38A6C26453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC14076B-3334-449B-A902-3D8B49615046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C2B604-D105-4AF7-8E0C-A6DD958BD329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFB0E35-D224-4620-9F3A-A60ACBFBEE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A08B6C-532F-42B3-8D5A-3AF70DC0ED70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5A990528-D530-401C-AAF7-8751EF47BD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F4952903-5E34-4A6D-97C6-01142D640BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E2D88C-B327-42D4-B05F-7AAED139D70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1F9F18-7C6D-40F5-A38E-73944ADE49D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4019D15A-4252-4C9F-A245-296C6BDC2F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.11:*:*:*:*:*:*:*",
"matchCriteriaId": "04A216CB-2EFA-4426-81A4-476D7AACA11E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.12:*:*:*:*:*:*:*",
"matchCriteriaId": "92089171-ADEE-43A1-A8A3-90DF46BF9372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E53A7F-C690-4D7D-BA19-AF359F884A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5DE46D-D8AA-4191-92B3-7DEF3A353174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB47E6C-A753-499A-A90F-74AC1B53368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.17:*:*:*:*:*:*:*",
"matchCriteriaId": "20AD7A55-0ECF-42EB-9923-3D69FBCA0BA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BE19CBB5-F778-4045-840F-305254B60C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E1332705-DA13-401A-B994-2CB0A704D9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.20:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A2811-627D-4322-BDCC-209701013B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.21:*:*:*:*:*:*:*",
"matchCriteriaId": "164C7F7F-B7CF-42FB-9F44-3207A5576C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9A468147-0B6C-4B09-A2B4-13D4B5A28250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.23:*:*:*:*:*:*:*",
"matchCriteriaId": "D94236E3-3BF6-4FE8-BDA1-036CE33B1E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9826CE5A-F25E-4806-BEE8-800594886D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.25:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D28BB-AEFD-4E01-B1DD-6CA0E1FD655B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.26:*:*:*:*:*:*:*",
"matchCriteriaId": "67BFD954-863C-46C7-B105-BD988016C514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7701EA16-874E-4708-BB6A-CB4E29F342AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.28:*:*:*:*:*:*:*",
"matchCriteriaId": "6B551CFD-63FD-4556-8227-09EBF3A76356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.29:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF5753B-3F98-4DA0-BBDD-854164B772BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.30:*:*:*:*:*:*:*",
"matchCriteriaId": "A25823D4-CE45-4731-AD3C-AD93F8C38704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.31:*:*:*:*:*:*:*",
"matchCriteriaId": "63076800-7977-4C8C-8C05-1F5078A47F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.32:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1F509E-61D5-49B1-888F-75F6A06A8E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.33:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3EE78D-7535-40EC-97C7-E01F8AB6B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F2E666-D9CD-4436-A843-39A891057097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.35:*:*:*:*:*:*:*",
"matchCriteriaId": "54D2C9EC-7C09-4E14-9498-26666880FF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.36:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA51C4-021C-4802-B074-D4C168B2821E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.37:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1290C8-FB9D-452D-8FDA-6DDD2D5E668C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.38:*:*:*:*:*:*:*",
"matchCriteriaId": "9C10D6E7-15D9-42D8-B86F-4E6384EBA17D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.39:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1DC13D-C1CE-482C-B96F-F52A2D4C5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.40:*:*:*:*:*:*:*",
"matchCriteriaId": "E439A399-E57B-462F-BABB-9AB26F800688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.41:*:*:*:*:*:*:*",
"matchCriteriaId": "973A1155-5C33-410F-A7BB-C6F19CC4EE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.42:*:*:*:*:*:*:*",
"matchCriteriaId": "677B37D1-A9E1-4CEA-A7F6-2C151647F878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.43:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD7BC34-62C2-4D37-8E16-C86FB80C71D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.44:*:*:*:*:*:*:*",
"matchCriteriaId": "DD49AF05-07B3-4900-AA89-02FA9A920F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.45:*:*:*:*:*:*:*",
"matchCriteriaId": "073F62F0-47EA-42F4-AA33-6676491F4EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.46:*:*:*:*:*:*:*",
"matchCriteriaId": "075A1812-B4A1-4C9A-9746-A6B5CDEA6F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.47:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE8B325-A442-4724-A0A7-B15BBBE7A2A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.48:*:*:*:*:*:*:*",
"matchCriteriaId": "5E77FE45-AE1B-4B1F-ABCA-AA4F1A912BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.49:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD496EA-E568-4313-84A4-FE5B89A990F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.50:*:*:*:*:*:*:*",
"matchCriteriaId": "E6AB58CB-6CC7-4BF2-B1FC-E862DCE68505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.51:*:*:*:*:*:*:*",
"matchCriteriaId": "4F619A5D-2AEE-41FD-BF09-B77E05B73153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.52:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0D02E1-2A0F-450D-8C2C-9104E58AAA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.54:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2340BB-B557-43B3-8AB7-58333143A8DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.55:*:*:*:*:*:*:*",
"matchCriteriaId": "E18DE7FE-73B4-4F8E-BA5B-F5E4E36242B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2835."
},
{
"lang": "es",
"value": "Google Chrome OS anterior a v26.0.1410.57 no fuerza correctamente las restricciones de origen para el O3D y el plugin Google Talk, permitiendo a atacantes remotos eludir el mecanismo de protecci\u00f3n de lista blanca de dominios (domain-whitelist) mediante un sitio web manipulado, una vulnerabilidad diferente a CVE-2013-2835."
}
],
"id": "CVE-2013-2834",
"lastModified": "2024-11-21T01:52:27.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-16T20:55:01.930",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=9181705680e1f53fd1e895ebe84c1b7f18c5c380"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2013/04/stable-channel-update-for-chrome-os.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=227158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=9181705680e1f53fd1e895ebe84c1b7f18c5c380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2013/04/stable-channel-update-for-chrome-os.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=227158"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.