CVE-2013-6659

The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
googlechrome
𝑥
≤ 33.0.1750.116
googlechrome
33.0.1750.0
googlechrome
33.0.1750.1
googlechrome
33.0.1750.2
googlechrome
33.0.1750.3
googlechrome
33.0.1750.4
googlechrome
33.0.1750.5
googlechrome
33.0.1750.6
googlechrome
33.0.1750.7
googlechrome
33.0.1750.8
googlechrome
33.0.1750.9
googlechrome
33.0.1750.10
googlechrome
33.0.1750.11
googlechrome
33.0.1750.12
googlechrome
33.0.1750.13
googlechrome
33.0.1750.14
googlechrome
33.0.1750.15
googlechrome
33.0.1750.16
googlechrome
33.0.1750.18
googlechrome
33.0.1750.19
googlechrome
33.0.1750.20
googlechrome
33.0.1750.21
googlechrome
33.0.1750.22
googlechrome
33.0.1750.23
googlechrome
33.0.1750.24
googlechrome
33.0.1750.25
googlechrome
33.0.1750.26
googlechrome
33.0.1750.27
googlechrome
33.0.1750.28
googlechrome
33.0.1750.29
googlechrome
33.0.1750.30
googlechrome
33.0.1750.31
googlechrome
33.0.1750.34
googlechrome
33.0.1750.35
googlechrome
33.0.1750.36
googlechrome
33.0.1750.37
googlechrome
33.0.1750.38
googlechrome
33.0.1750.39
googlechrome
33.0.1750.40
googlechrome
33.0.1750.41
googlechrome
33.0.1750.42
googlechrome
33.0.1750.43
googlechrome
33.0.1750.44
googlechrome
33.0.1750.45
googlechrome
33.0.1750.46
googlechrome
33.0.1750.47
googlechrome
33.0.1750.48
googlechrome
33.0.1750.49
googlechrome
33.0.1750.50
googlechrome
33.0.1750.51
googlechrome
33.0.1750.52
googlechrome
33.0.1750.53
googlechrome
33.0.1750.54
googlechrome
33.0.1750.55
googlechrome
33.0.1750.56
googlechrome
33.0.1750.57
googlechrome
33.0.1750.58
googlechrome
33.0.1750.59
googlechrome
33.0.1750.60
googlechrome
33.0.1750.61
googlechrome
33.0.1750.62
googlechrome
33.0.1750.63
googlechrome
33.0.1750.64
googlechrome
33.0.1750.65
googlechrome
33.0.1750.66
googlechrome
33.0.1750.67
googlechrome
33.0.1750.68
googlechrome
33.0.1750.69
googlechrome
33.0.1750.70
googlechrome
33.0.1750.71
googlechrome
33.0.1750.73
googlechrome
33.0.1750.74
googlechrome
33.0.1750.75
googlechrome
33.0.1750.76
googlechrome
33.0.1750.77
googlechrome
33.0.1750.79
googlechrome
33.0.1750.80
googlechrome
33.0.1750.81
googlechrome
33.0.1750.82
googlechrome
33.0.1750.83
googlechrome
33.0.1750.85
googlechrome
33.0.1750.88
googlechrome
33.0.1750.89
googlechrome
33.0.1750.90
googlechrome
33.0.1750.91
googlechrome
33.0.1750.92
googlechrome
33.0.1750.93
googlechrome
33.0.1750.104
googlechrome
33.0.1750.106
googlechrome
33.0.1750.107
googlechrome
33.0.1750.108
googlechrome
33.0.1750.109
googlechrome
33.0.1750.110
googlechrome
33.0.1750.111
googlechrome
33.0.1750.112
googlechrome
33.0.1750.113
googlechrome
33.0.1750.115
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
saucy
Fixed 33.0.1750.152-0ubuntu0.13.10.1~pkg984.1
released
quantal
Fixed 33.0.1750.152-0ubuntu0.12.10.1~pkg895.1
released
precise
Fixed 33.0.1750.152-0ubuntu0.12.04.1~pkg879.1
released
lucid
ignored
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html
http://www.debian.org/security/2014/dsa-2883
https://code.google.com/p/chromium/issues/detail?id=306959
https://src.chromium.org/viewvc/chrome?revision=229611&view=revision
http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html
http://www.debian.org/security/2014/dsa-2883
https://code.google.com/p/chromium/issues/detail?id=306959
https://src.chromium.org/viewvc/chrome?revision=229611&view=revision