CVE-2013-2859

EUVD-2013-2798
Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
debiandebian_linux
7.0
debiandebian_linux
8.0
googlechrome
𝑥
≤ 27.0.1453.109
googlechrome
27.0.1453.0
googlechrome
27.0.1453.1
googlechrome
27.0.1453.2
googlechrome
27.0.1453.3
googlechrome
27.0.1453.4
googlechrome
27.0.1453.5
googlechrome
27.0.1453.6
googlechrome
27.0.1453.7
googlechrome
27.0.1453.8
googlechrome
27.0.1453.9
googlechrome
27.0.1453.10
googlechrome
27.0.1453.11
googlechrome
27.0.1453.12
googlechrome
27.0.1453.13
googlechrome
27.0.1453.15
googlechrome
27.0.1453.34
googlechrome
27.0.1453.35
googlechrome
27.0.1453.36
googlechrome
27.0.1453.37
googlechrome
27.0.1453.38
googlechrome
27.0.1453.39
googlechrome
27.0.1453.40
googlechrome
27.0.1453.41
googlechrome
27.0.1453.42
googlechrome
27.0.1453.43
googlechrome
27.0.1453.44
googlechrome
27.0.1453.45
googlechrome
27.0.1453.46
googlechrome
27.0.1453.47
googlechrome
27.0.1453.49
googlechrome
27.0.1453.50
googlechrome
27.0.1453.51
googlechrome
27.0.1453.52
googlechrome
27.0.1453.54
googlechrome
27.0.1453.55
googlechrome
27.0.1453.56
googlechrome
27.0.1453.57
googlechrome
27.0.1453.58
googlechrome
27.0.1453.59
googlechrome
27.0.1453.60
googlechrome
27.0.1453.61
googlechrome
27.0.1453.62
googlechrome
27.0.1453.63
googlechrome
27.0.1453.64
googlechrome
27.0.1453.65
googlechrome
27.0.1453.66
googlechrome
27.0.1453.67
googlechrome
27.0.1453.68
googlechrome
27.0.1453.69
googlechrome
27.0.1453.70
googlechrome
27.0.1453.71
googlechrome
27.0.1453.72
googlechrome
27.0.1453.73
googlechrome
27.0.1453.74
googlechrome
27.0.1453.75
googlechrome
27.0.1453.76
googlechrome
27.0.1453.77
googlechrome
27.0.1453.78
googlechrome
27.0.1453.79
googlechrome
27.0.1453.80
googlechrome
27.0.1453.81
googlechrome
27.0.1453.82
googlechrome
27.0.1453.83
googlechrome
27.0.1453.84
googlechrome
27.0.1453.85
googlechrome
27.0.1453.86
googlechrome
27.0.1453.87
googlechrome
27.0.1453.88
googlechrome
27.0.1453.89
googlechrome
27.0.1453.90
googlechrome
27.0.1453.91
googlechrome
27.0.1453.93
googlechrome
27.0.1453.94
googlechrome
27.0.1453.102
googlechrome
27.0.1453.103
googlechrome
27.0.1453.104
googlechrome
27.0.1453.105
googlechrome
27.0.1453.106
googlechrome
27.0.1453.107
googlechrome
27.0.1453.108
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
lucid
ignored
precise
Fixed 28.0.1500.52-0ubuntu1.12.04.2
released
quantal
Fixed 28.0.1500.52-0ubuntu1.12.10.3
released
raring
Fixed 28.0.1500.52-0ubuntu1.13.04.3
released
References
http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
http://www.debian.org/security/2013/dsa-2706
https://code.google.com/p/chromium/issues/detail?id=237022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16640
http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
http://www.debian.org/security/2013/dsa-2706
https://code.google.com/p/chromium/issues/detail?id=237022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16640