CVE-2013-0840Improper Validation of Specified Index, Position, or Offset in Input in Google Chrome

CWE-1285Improper Validation of Specified Index, Position, or Offset in Input3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
0.4%
top 42.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedJan 24
Latest updateMay 17

Description

Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDgoogle/chrome24.0.1312.55+115

🔴Vulnerability Details

1
GHSA
GHSA-qqxx-mgqh-vfmr: Google Chrome before 242022-05-17

📋Vendor Advisories

1
Red Hat
kernel: perf_swevent_enabled array out-of-bound access2013-05-14
CVE-2013-0840 — Google Chrome vulnerability | cvebase