CVE-2013-2924 — Use After Free in Google Chrome

CWE-399 CWE-416 — Use After Free9 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 28.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian ICU Google Chrome

Timeline

PublishedOct 2

Latest updateMay 17

Description

Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDgoogle/chrome30.0.1599.65+58

▶debiandebian/icu< icu 4.8.1.1-13+nmu1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-p2vm-c3q9-pvf4: Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30↗2022-05-17

▶

OSV

CVE-2013-2924: Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30↗2013-10-02

▶

📋Vendor Advisories

Ubuntu

ICU vulnerabilities↗2013-10-15

▶

Red Hat

icu: use-after-free flaw leads to denial of service↗2013-10-01

▶

Debian

CVE-2013-2924: icu - Use-after-free vulnerability in International Components for Unicode (ICU), as u...↗2013

▶

💬Community

Bugzilla

CVE-2013-2924 icu: use-after-free flaw leads to denial of service [fedora-all]↗2013-10-04

▶

Bugzilla

CVE-2013-2924 mingw-icu: icu: use-after-free flaw leads to denial of service [fedora-all]↗2013-10-04

▶

Bugzilla

CVE-2013-2924 icu: use-after-free flaw leads to denial of service↗2013-10-03

▶