PT-2013-6051 · Google+2 · Google Chrome+2

Published

2013-11-12

Updated

2024-06-15

CVE-2013-6621

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 31.0.1650.48

Description The issue is related to a use-after-free vulnerability. It can be triggered via vectors related to the x-webkit-speech attribute in a text INPUT element, potentially allowing remote attackers to cause a denial of service or have other unspecified impacts.

Recommendations For versions prior to 31.0.1650.48, update to version 31.0.1650.48 or later to resolve the issue. As a temporary workaround, consider disabling the x-webkit-speech attribute in text INPUT elements until a patch is applied.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALT-PU-2013-1119

CVE-2013-6621

DSA-2799-1

MGASA-2013-0324

OPENSUSE-SU-2013_1776-1

OPENSUSE-SU-2013_1777-1

OPENSUSE-SU-2013_1861-1

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

Affected Products

Alt Linux

Google Chrome

Suse

PT-2013-6051 · Google+2 · Google Chrome+2

CVE-2013-6621

Weakness Enumeration

Related Identifiers

Affected Products

References · 2422