CVE-2013-2885

Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
debiandebian_linux
7.0
googlechrome
𝑥
≤ 28.0.1500.94
googlechrome
28.0.1500.0
googlechrome
28.0.1500.2
googlechrome
28.0.1500.3
googlechrome
28.0.1500.4
googlechrome
28.0.1500.5
googlechrome
28.0.1500.6
googlechrome
28.0.1500.8
googlechrome
28.0.1500.9
googlechrome
28.0.1500.10
googlechrome
28.0.1500.11
googlechrome
28.0.1500.12
googlechrome
28.0.1500.13
googlechrome
28.0.1500.14
googlechrome
28.0.1500.15
googlechrome
28.0.1500.16
googlechrome
28.0.1500.17
googlechrome
28.0.1500.18
googlechrome
28.0.1500.19
googlechrome
28.0.1500.20
googlechrome
28.0.1500.21
googlechrome
28.0.1500.22
googlechrome
28.0.1500.23
googlechrome
28.0.1500.24
googlechrome
28.0.1500.25
googlechrome
28.0.1500.26
googlechrome
28.0.1500.27
googlechrome
28.0.1500.28
googlechrome
28.0.1500.29
googlechrome
28.0.1500.31
googlechrome
28.0.1500.32
googlechrome
28.0.1500.33
googlechrome
28.0.1500.34
googlechrome
28.0.1500.35
googlechrome
28.0.1500.36
googlechrome
28.0.1500.37
googlechrome
28.0.1500.38
googlechrome
28.0.1500.39
googlechrome
28.0.1500.40
googlechrome
28.0.1500.41
googlechrome
28.0.1500.42
googlechrome
28.0.1500.43
googlechrome
28.0.1500.44
googlechrome
28.0.1500.45
googlechrome
28.0.1500.46
googlechrome
28.0.1500.47
googlechrome
28.0.1500.48
googlechrome
28.0.1500.49
googlechrome
28.0.1500.50
googlechrome
28.0.1500.51
googlechrome
28.0.1500.52
googlechrome
28.0.1500.53
googlechrome
28.0.1500.54
googlechrome
28.0.1500.56
googlechrome
28.0.1500.58
googlechrome
28.0.1500.59
googlechrome
28.0.1500.60
googlechrome
28.0.1500.61
googlechrome
28.0.1500.62
googlechrome
28.0.1500.63
googlechrome
28.0.1500.64
googlechrome
28.0.1500.66
googlechrome
28.0.1500.68
googlechrome
28.0.1500.70
googlechrome
28.0.1500.71
googlechrome
28.0.1500.72
googlechrome
28.0.1500.89
googlechrome
28.0.1500.91
googlechrome
28.0.1500.93
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
saucy
not-affected
raring
Fixed 30.0.1599.114-0ubuntu0.13.04.2
released
quantal
Fixed 30.0.1599.114-0ubuntu0.12.10.2
released
precise
Fixed 30.0.1599.114-0ubuntu0.12.04.3
released
lucid
ignored
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html
http://www.debian.org/security/2013/dsa-2732
https://chromium.googlesource.com/chromium/blink/+/7a7ea525c912f6e59aa3e915e7f2cf140c077a49
https://chromium.googlesource.com/chromium/blink/+/dd13a061c49579e40f381b2dc9409fb0a920ec19%5E
https://code.google.com/p/chromium/issues/detail?id=249640
https://code.google.com/p/chromium/issues/detail?id=257353
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17672
http://googlechromereleases.blogspot.com/2013/07/stable-channel-update_30.html
http://www.debian.org/security/2013/dsa-2732
https://chromium.googlesource.com/chromium/blink/+/7a7ea525c912f6e59aa3e915e7f2cf140c077a49
https://chromium.googlesource.com/chromium/blink/+/dd13a061c49579e40f381b2dc9409fb0a920ec19%5E
https://code.google.com/p/chromium/issues/detail?id=249640
https://code.google.com/p/chromium/issues/detail?id=257353
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17672