CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
googlechrome
𝑥
≤ 31.0.1650.62
googlechrome
31.0.1650.0
googlechrome
31.0.1650.2
googlechrome
31.0.1650.3
googlechrome
31.0.1650.4
googlechrome
31.0.1650.5
googlechrome
31.0.1650.6
googlechrome
31.0.1650.7
googlechrome
31.0.1650.8
googlechrome
31.0.1650.9
googlechrome
31.0.1650.10
googlechrome
31.0.1650.11
googlechrome
31.0.1650.12
googlechrome
31.0.1650.13
googlechrome
31.0.1650.14
googlechrome
31.0.1650.15
googlechrome
31.0.1650.16
googlechrome
31.0.1650.17
googlechrome
31.0.1650.18
googlechrome
31.0.1650.19
googlechrome
31.0.1650.20
googlechrome
31.0.1650.22
googlechrome
31.0.1650.23
googlechrome
31.0.1650.25
googlechrome
31.0.1650.26
googlechrome
31.0.1650.27
googlechrome
31.0.1650.28
googlechrome
31.0.1650.29
googlechrome
31.0.1650.30
googlechrome
31.0.1650.31
googlechrome
31.0.1650.32
googlechrome
31.0.1650.33
googlechrome
31.0.1650.34
googlechrome
31.0.1650.35
googlechrome
31.0.1650.36
googlechrome
31.0.1650.37
googlechrome
31.0.1650.38
googlechrome
31.0.1650.39
googlechrome
31.0.1650.41
googlechrome
31.0.1650.42
googlechrome
31.0.1650.43
googlechrome
31.0.1650.44
googlechrome
31.0.1650.45
googlechrome
31.0.1650.46
googlechrome
31.0.1650.47
googlechrome
31.0.1650.48
googlechrome
31.0.1650.49
googlechrome
31.0.1650.50
googlechrome
31.0.1650.51
googlechrome
31.0.1650.52
googlechrome
31.0.1650.53
googlechrome
31.0.1650.54
googlechrome
31.0.1650.55
googlechrome
31.0.1650.57
googlechrome
31.0.1650.58
googlechrome
31.0.1650.59
googlechrome
31.0.1650.60
googlechrome
31.0.1650.61
googlev8
𝑥
≤ 3.22.24
googlev8
3.22.0
googlev8
3.22.1
googlev8
3.22.2
googlev8
3.22.3
googlev8
3.22.4
googlev8
3.22.5
googlev8
3.22.6
googlev8
3.22.7
googlev8
3.22.8
googlev8
3.22.9
googlev8
3.22.10
googlev8
3.22.11
googlev8
3.22.12
googlev8
3.22.13
googlev8
3.22.14
googlev8
3.22.15
googlev8
3.22.16
googlev8
3.22.17
googlev8
3.22.18
googlev8
3.22.19
googlev8
3.22.20
googlev8
3.22.21
googlev8
3.22.22
googlev8
3.22.23
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
not-affected
vivid
not-affected
utopic
not-affected
trusty
dne
saucy
Fixed 31.0.1650.63-0ubuntu0.13.10.1~20131204.1
released
raring
Fixed 31.0.1650.63-0ubuntu0.13.04.1~20131204.1
released
quantal
Fixed 31.0.1650.63-0ubuntu0.12.10.1~20131204.1
released
precise
Fixed 31.0.1650.63-0ubuntu0.12.04.1~20131204.1
released
lucid
ignored
libv8
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
lucid
ignored
libv8-3.14
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
not-affected
vivid
not-affected
utopic
not-affected
trusty
dne
saucy
ignored
raring
dne
quantal
dne
precise
dne
lucid
dne
qtjsbackend-opensource-src
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
ignored
raring
ignored
quantal
dne
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://code.google.com/p/v8/source/detail?r=17801
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00122.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00124.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00063.html
http://secunia.com/advisories/56216
http://secunia.com/advisories/56217
http://www.debian.org/security/2013/dsa-2811
http://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=319835
http://code.google.com/p/v8/source/detail?r=17801
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00090.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00096.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00122.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00124.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00063.html
http://secunia.com/advisories/56216
http://secunia.com/advisories/56217
http://www.debian.org/security/2013/dsa-2811
http://www.securitytracker.com/id/1029442
https://code.google.com/p/chromium/issues/detail?id=319835