CVE-2013-2858
Severity CVSS v4.0:
Pending analysis
Type:
CWE-416
Use After Free
Publication date:
05/06/2013
Last modified:
11/04/2025
Description
Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 27.0.1453.109 (including) | |
| cpe:2.3:a:google:chrome:27.0.1453.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:google:chrome:27.0.1453.11:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
- http://www.debian.org/security/2013/dsa-2706
- https://code.google.com/p/chromium/issues/detail?id=239897
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15909
- http://googlechromereleases.blogspot.com/2013/06/stable-channel-update.html
- http://www.debian.org/security/2013/dsa-2706
- https://code.google.com/p/chromium/issues/detail?id=239897
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15909