CVE-2013-6656

CVSS V2 Medium 5 CVSS V3 None
Description
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors.
Overview
  • CVE ID
  • CVE-2013-6656
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2014-02-24T04:48:10
  • Last Modified Date
  • 2014-04-01T06:26:54
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 1 OR 33.0.1750.116
cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 10:35:50 Added to TrackCVE
2022-12-01 21:58:52 2014-02-24T04:48Z 2014-02-24T04:48:10 CVE Published Date updated
2022-12-01 21:58:52 2014-04-01T06:26:54 CVE Modified Date updated
2022-12-01 21:58:52 Modified Vulnerability Status updated