Google Chrome CVE-2013-0917 Out-of-Bounds Read Vulnerability

Bugtraq ID:	58725
Class:	Unknown
CVE:	CVE-2013-0917
Remote:	Yes
Local:	No
Published:	Mar 26 2013 12:00AM
Updated:	Sep 26 2013 12:16AM
Credit:	Cris Neckar of Google Chrome Security Team
Vulnerable:	Google Chrome 17.0.963 79 Google Chrome 17.0.963 65 Google Chrome 16.0.912 75 Google Chrome 15.0.874 102 Google Chrome 19.0.1084.52 Google Chrome 19 Google Chrome 18.0.1025.168 Google Chrome 18.0.1025.162 Google Chrome 18.0.1025.151 Google Chrome 18.0.1025.142 Google Chrome 17.0.963.83 Google Chrome 17.0.963.78 Google Chrome 17.0.963.60 Google Chrome 17.0.963.56 Google Chrome 17.0.963.46 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Gentoo Linux
Not Vulnerable:

Google Chrome CVE-2013-0917 Out-of-Bounds Read Vulnerability

Google Chrome is prone to a security vulnerability.

Attackers can exploit this issue to crash the application to deny service to legitimate users or disclose sensitive information that may aid in further attacks

Google Chrome versions prior to 26.0.1410.43 are vulnerable.

Note: This issue was previously discussed in BID 58712 (Google Chrome Prior to 26.0.1410.43 Multiple Security Vulnerabilities), but has been moved to its own record to better document it.

Google Chrome CVE-2013-0917 Out-of-Bounds Read Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Google Chrome CVE-2013-0917 Out-of-Bounds Read Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Google Chrome CVE-2013-0917 Out-of-Bounds Read Vulnerability

References:

• Google Chrome Homepage (Google)