Vulnerability CVE-2013-2920: Information

Description

The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.

Severity: MEDIUM (5.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-2920
Published: Oct. 2, 2013
Modified: Nov. 7, 2023
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
chromiumsisyphus30.0.1599.114-alt1.r229842125.0.6422.141-alt1ALT-PU-2013-1102-1108332Fixed
chromiump1030.0.1599.114-alt1.r229842119.0.6045.159-alt0.p10.1ALT-PU-2013-1102-1108332Fixed
chromiump930.0.1599.114-alt1.r22984297.0.4692.99-alt0.p9.1ALT-PU-2013-1102-1108332Fixed
chromiumc10f130.0.1599.114-alt1.r229842110.0.5481.177-alt1.p10.1ALT-PU-2013-1102-1108332Fixed
chromiumc9f230.0.1599.114-alt1.r22984284.0.4147.105-alt1.1.p9ALT-PU-2013-1102-1108332Fixed
chromiumc732.0.1700.102-alt0.M70P.138.0.2125.122-alt0.M70C.2ALT-PU-2014-1140-1113152Fixed
chromiump1130.0.1599.114-alt1.r229842125.0.6422.141-alt1ALT-PU-2013-1102-1108332Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html
    openSUSE-SU-2014:0065
      DSA-2785
        openSUSE-SU-2013:1556
          https://src.chromium.org/viewvc/chrome?revision=223735&view=revision
            openSUSE-SU-2013:1861
              https://code.google.com/p/chromium/issues/detail?id=285742
                oval:org.mitre.oval:def:18451

                    1. Configuration 1

                      cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
                      End including
                      30.0.1599.65
                      cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*
                      cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*
                  VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                  Version: v24.5.3
                  Back to top