CVE-2013-0885

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html	Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=172369	Permissions Required
http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16255

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:opensuse:opensuse:12.1:::::::*
	cpe:2.3:o:opensuse:opensuse:12.2:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:google:chrome:25.0.1364.36:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.33:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.44:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.41:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.50:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.49:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.58:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.57:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.2:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.3:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.13:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.14:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.22:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.21:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.30:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.29:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.70:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.72:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.79:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.80:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.90:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.89:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.95:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.34:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.39:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.42:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.47:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.56:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.55:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.67:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.66:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.5:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.7:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.8:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.15:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.16:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.24:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.23:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.32:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.31:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.74:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.73:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.82:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.81:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.92:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:25.0.1364.35:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.38:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.43:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.52:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.51:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.62:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.61:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.0:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.1:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.11:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.12:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.20:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.19:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.28:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.27:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.77:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.68:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.86:::::::*
cpe:2.3:a:google:chrome:25.0.1364.78:::::::*
cpe:2.3:a:google:chrome:25.0.1364.88:::::::*
cpe:2.3:a:google:chrome:25.0.1364.87:::::::*
cpe:2.3:a:google:chrome:25.0.1364.40:::::::*
cpe:2.3:a:google:chrome:25.0.1364.37:::::::*
cpe:2.3:a:google:chrome:25.0.1364.48:::::::*
cpe:2.3:a:google:chrome:25.0.1364.45:::::::*
cpe:2.3:a:google:chrome:25.0.1364.46:::::::*
cpe:2.3:a:google:chrome:25.0.1364.54:::::::*
cpe:2.3:a:google:chrome:25.0.1364.53:::::::*
cpe:2.3:a:google:chrome:25.0.1364.65:::::::*
cpe:2.3:a:google:chrome:25.0.1364.63:::::::*
cpe:2.3:a:google:chrome:25.0.1364.9:::::::*
cpe:2.3:a:google:chrome:25.0.1364.10:::::::*
cpe:2.3:a:google:chrome:25.0.1364.18:::::::*
cpe:2.3:a:google:chrome:25.0.1364.17:::::::*
cpe:2.3:a:google:chrome:25.0.1364.26:::::::*
cpe:2.3:a:google:chrome:25.0.1364.25:::::::*
cpe:2.3:a:google:chrome:25.0.1364.75:::::::*
cpe:2.3:a:google:chrome:25.0.1364.76:::::::*
cpe:2.3:a:google:chrome:25.0.1364.84:::::::*
cpe:2.3:a:google:chrome:25.0.1364.85:::::::*
cpe:2.3:a:google:chrome:25.0.1364.91:::::::*
cpe:2.3:a:google:chrome:25.0.1364.93:::::::*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:google:chrome:25.0.1364.92:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.91:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.90:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.89:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.81:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.80:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.72:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.70:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.61:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.58:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.51:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.50:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.42:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.41:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.34:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.33:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.26:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.25:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.17:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.16:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.9:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.8:::::::*
	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:25.0.1364.93:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.86:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.85:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.77:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.76:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.75:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.66:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.65:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.55:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.84:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.82:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.74:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.73:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.63:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.62:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.53:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.52:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.44:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.43:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.36:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.35:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.28:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.27:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.19:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.18:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.11:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.10:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.1:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.0:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.54:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.46:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.45:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.38:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.37:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.30:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.29:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.21:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.20:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.13:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.12:::::::*
	cpe:2.3:a:google:chrome:25.0.1364.3:::::::*
cpe:2.3:a:google:chrome:25.0.1364.2:::::::*
cpe:2.3:a:google:chrome:25.0.1364.88:::::::*
cpe:2.3:a:google:chrome:25.0.1364.87:::::::*
cpe:2.3:a:google:chrome:25.0.1364.79:::::::*
cpe:2.3:a:google:chrome:25.0.1364.78:::::::*
cpe:2.3:a:google:chrome:25.0.1364.68:::::::*
cpe:2.3:a:google:chrome:25.0.1364.67:::::::*
cpe:2.3:a:google:chrome:25.0.1364.57:::::::*
cpe:2.3:a:google:chrome:25.0.1364.56:::::::*
cpe:2.3:a:google:chrome:25.0.1364.49:::::::*
cpe:2.3:a:google:chrome:25.0.1364.48:::::::*
cpe:2.3:a:google:chrome:25.0.1364.47:::::::*
cpe:2.3:a:google:chrome:25.0.1364.40:::::::*
cpe:2.3:a:google:chrome:25.0.1364.39:::::::*
cpe:2.3:a:google:chrome:25.0.1364.32:::::::*
cpe:2.3:a:google:chrome:25.0.1364.31:::::::*
cpe:2.3:a:google:chrome:25.0.1364.24:::::::*
cpe:2.3:a:google:chrome:25.0.1364.23:::::::*
cpe:2.3:a:google:chrome:25.0.1364.22:::::::*
cpe:2.3:a:google:chrome:25.0.1364.15:::::::*
cpe:2.3:a:google:chrome:25.0.1364.14:::::::*
cpe:2.3:a:google:chrome:25.0.1364.7:::::::*
cpe:2.3:a:google:chrome:25.0.1364.5:::::::*

OR	cpe:2.3:o:microsoft:windows::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Information

Published : 2013-02-23 21:55

Updated : 2018-10-30 16:27

NVD link : CVE-2013-0885

Mitre link : CVE-2013-0885

JSON object : View

Products Affected

apple

mac_os_x

opensuse

opensuse

google

chrome

linux

linux_kernel

microsoft

windows

CWE

CWE-264

Permissions, Privileges, and Access Controls

7.5 /10