PT-2014-3161 · Google+2 · Google Chrome+2

Atte Kettunen

Published

2014-03-03

Updated

2017-01-07

CVE-2013-6663

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 33.0.1750.146 Apple iTunes (affected versions not specified)

Description A use-after-free issue in the SVGImage::setContainerSize function in the SVG implementation allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view.

Recommendations For Google Chrome versions prior to 33.0.1750.146, update to version 33.0.1750.146 or later to resolve the issue. For Apple iTunes, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALT-PU-2014-1282

CVE-2013-6663

DSA-2883-1

MGASA-2014-0121

Affected Products

Alt Linux

Itunes

Google Chrome

PT-2014-3161 · Google+2 · Google Chrome+2

CVE-2013-6663

Weakness Enumeration

Related Identifiers

Affected Products

References · 43