CVE-2013-0900 — Race Condition in Google Chrome

CWE-362 — Race Condition CWE-416 — Use After Free8 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

0.9%

top 23.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Debian ICU Debian Linux

Timeline

PublishedFeb 23

Latest updateMay 17

Description

Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶NVDgoogle/chrome< 25.0.1364.97+1

▶debiandebian/icu< icu 4.8.1.1-12 (bookworm)

Also affects: Debian Linux 6.0

🔴Vulnerability Details

GHSA

GHSA-7q82-w593-4rh5: Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25↗2022-05-17

▶

OSV

CVE-2013-0900: Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25↗2013-02-23

▶

📋Vendor Advisories

Ubuntu

ICU vulnerabilities↗2013-10-15

▶

Red Hat

icu: Race condition leading to a use-after-free↗2013-02-21

▶

Debian

CVE-2013-0900: icu - Race condition in the International Components for Unicode (ICU) functionality i...↗2013

▶

💬Community

Bugzilla

CVE-2013-0900 icu: Race condition leading to a use-after-free↗2013-03-05

▶

Bugzilla

CVE-2013-0900 icu: Race condition allows remote attackers to cause a DoS [fedora-all]↗2013-03-05

▶