Vulnerability CVE-2013-2632


Published: 2013-03-21   Modified: 2013-03-22

Description:
Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Google -> Chrome 
Google -> V8 

 References:
https://code.google.com/p/chromium/issues/detail?id=194749
http://googlechromereleases.blogspot.com/2013/03/dev-channel-update_18.html
http://code.google.com/p/v8/source/browse/trunk/ChangeLog

Copyright 2024, cxsecurity.com

 

Back to Top