CVE-2013-2875Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-125Out-of-bounds Read6 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.4%
top 19.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedJul 10
Latest updateMay 17

Description

core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome28.0.1500.70+62

🔴Vulnerability Details

1
GHSA
GHSA-2j62-rj59-pvjj: core/rendering/svg/SVGInlineTextBox2022-05-17

📋Vendor Advisories

1
Red Hat
webkitgtk: out-of-bounds read in the SVG implementation (WSA-2015-0001)2015-01-26

💬Community

3
Bugzilla
CVE-2013-2875 webkitgtk: out-of-bounds read in the SVG implementation (WSA-2015-0001)2015-01-27
Bugzilla
CVE-2014-1299 CVE-2014-1298 CVE-2013-2927 CVE-2014-1297 CVE-2013-2871 CVE-2014-1292 CVE-2013-2875 webkitgtk4: various flaws [fedora-all]2015-01-27
Bugzilla
CVE-2013-2871 CVE-2014-1388 CVE-2014-1299 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1344 CVE-2014-1298 CVE-2013-2927 CVE-2014-1297 CVE-2014-1390 CVE-2014-1292 CVE-2014-1389 CVE-2015-01-12
CVE-2013-2875 — Google Chrome vulnerability | cvebase