CVE-2013-0927

Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
googlechrome_os
𝑥
≤ 26.0.1410.56
googlechrome_os
26.0.1410.0
googlechrome_os
26.0.1410.1
googlechrome_os
26.0.1410.3
googlechrome_os
26.0.1410.4
googlechrome_os
26.0.1410.5
googlechrome_os
26.0.1410.6
googlechrome_os
26.0.1410.7
googlechrome_os
26.0.1410.8
googlechrome_os
26.0.1410.9
googlechrome_os
26.0.1410.10
googlechrome_os
26.0.1410.11
googlechrome_os
26.0.1410.12
googlechrome_os
26.0.1410.14
googlechrome_os
26.0.1410.15
googlechrome_os
26.0.1410.16
googlechrome_os
26.0.1410.17
googlechrome_os
26.0.1410.18
googlechrome_os
26.0.1410.19
googlechrome_os
26.0.1410.20
googlechrome_os
26.0.1410.21
googlechrome_os
26.0.1410.22
googlechrome_os
26.0.1410.23
googlechrome_os
26.0.1410.24
googlechrome_os
26.0.1410.25
googlechrome_os
26.0.1410.26
googlechrome_os
26.0.1410.27
googlechrome_os
26.0.1410.28
googlechrome_os
26.0.1410.29
googlechrome_os
26.0.1410.30
googlechrome_os
26.0.1410.31
googlechrome_os
26.0.1410.32
googlechrome_os
26.0.1410.33
googlechrome_os
26.0.1410.34
googlechrome_os
26.0.1410.35
googlechrome_os
26.0.1410.36
googlechrome_os
26.0.1410.37
googlechrome_os
26.0.1410.38
googlechrome_os
26.0.1410.39
googlechrome_os
26.0.1410.40
googlechrome_os
26.0.1410.41
googlechrome_os
26.0.1410.42
googlechrome_os
26.0.1410.43
googlechrome_os
26.0.1410.44
googlechrome_os
26.0.1410.45
googlechrome_os
26.0.1410.46
googlechrome_os
26.0.1410.47
googlechrome_os
26.0.1410.48
googlechrome_os
26.0.1410.49
googlechrome_os
26.0.1410.50
googlechrome_os
26.0.1410.51
googlechrome_os
26.0.1410.52
googlechrome_os
26.0.1410.54
googlechrome_os
26.0.1410.55
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0
http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html
https://code.google.com/p/chromium/issues/detail?id=189250
http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0
http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html
https://code.google.com/p/chromium/issues/detail?id=189250