CVE-2013-2903Google Chrome vulnerability

CWE-3992 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeDebian Linux
Timeline
PublishedAug 21
Latest updateMay 17

Description

Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome29.0.1547.56+50

Also affects: Debian Linux 7.0

🔴Vulnerability Details

1
GHSA
GHSA-jc68-v6rw-qxw6: Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement2022-05-17
CVE-2013-2903 — Google Chrome vulnerability | cvebase