Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
BID:58724
Info
Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
| Bugtraq ID: | 58724 |
| Class: | Design Error |
| CVE: |
CVE-2013-0916 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 26 2013 12:00AM |
| Updated: | Sep 26 2013 12:16AM |
| Credit: | Atte Kettunen of OUSPG |
| Vulnerable: |
Google Chrome 17.0.963 79 Google Chrome 17.0.963 65 Google Chrome 15.0.874 102 Google Chrome 2.0.172 .43 Google Chrome 2.0.172 .37 Google Chrome 2.0.172 .33 Google Chrome 2.0.172 .31 Google Chrome 2.0.172 .30 Google Chrome 19.0.1084.52 Google Chrome 19 Google Chrome 18.0.1025.168 Google Chrome 18.0.1025.162 Google Chrome 18.0.1025.151 Google Chrome 18.0.1025.142 Google Chrome 17.0.963.83 Google Chrome 17.0.963.78 Google Chrome 17.0.963.60 Google Chrome 17.0.963.56 Google Chrome 17.0.963.46 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Google Chrome 14.0.835.202 Google Chrome 14.0.835.186 Google Chrome 14.0.835.163 Google Chrome 14 Google Chrome 13.0.782.215 Google Chrome 13.0.782.112 Google Chrome 13.0.782.107 Google Chrome 13 Google Chrome 12.0.742.91 Google Chrome 12.0.742.112 Google Chrome 12.0.742.100 Google Chrome 12 Google Chrome 11.0.696.77 Google Chrome 11.0.696.71 Google Chrome 11.0.696.68 Google Chrome 11.0.696.65 Google Chrome 11.0.696.57 Google Chrome 11.0.696.43 Google Chrome 11.0.672.2 Google Chrome 11 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.204 Google Chrome 10.0.648.133 Google Chrome 10.0.648.128 Google Chrome 10.0.648.127 Google Chrome 10 Gentoo Linux |
| Not Vulnerable: | |
Discussion
Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
Google Chrome is prone to a remote memory-corruption vulnerability
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Note: This issue was previously discussed in BID 58712 (Google Chrome Prior to 26.0.1410.43 Multiple Security Vulnerabilities), but has been moved to its own record to better document it.
Versions prior to Chrome 26.0.1410.43 are vulnerable.
Google Chrome is prone to a remote memory-corruption vulnerability
An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Note: This issue was previously discussed in BID 58712 (Google Chrome Prior to 26.0.1410.43 Multiple Security Vulnerabilities), but has been moved to its own record to better document it.
Versions prior to Chrome 26.0.1410.43 are vulnerable.
Exploit / POC
Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Google Chrome CVE-2013-0916 Use-After-Free Memory Corruption Vulnerability
References:
References:
- Google Chrome Homepage (Google)