CVE-2013-6802
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
18/11/2013
Last modified:
11/04/2025
Description
Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.
Impact
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 31.0.1650.57 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
- http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
- https://code.google.com/p/chromium/issues/detail?id=319117
- https://code.google.com/p/chromium/issues/detail?id=319125
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89201
- http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
- http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
- https://code.google.com/p/chromium/issues/detail?id=319117
- https://code.google.com/p/chromium/issues/detail?id=319125
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89201