Vulnerability CVE-2013-6635: Information

Description

Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp.

Severity: MEDIUM (6.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-6635

Published: Dec. 7, 2013

Modified: Dec. 8, 2016

Error type identifier: CWE-399

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
chromium	sisyphus	31.0.1650.63-alt1	125.0.6422.141-alt1	ALT-PU-2013-1266-1	110257	Fixed
chromium	p10	31.0.1650.63-alt1	119.0.6045.159-alt0.p10.1	ALT-PU-2013-1266-1	110257	Fixed
chromium	p9	31.0.1650.63-alt1	97.0.4692.99-alt0.p9.1	ALT-PU-2013-1266-1	110257	Fixed
chromium	c10f1	31.0.1650.63-alt1	110.0.5481.177-alt1.p10.1	ALT-PU-2013-1266-1	110257	Fixed
chromium	c9f2	31.0.1650.63-alt1	84.0.4147.105-alt1.1.p9	ALT-PU-2013-1266-1	110257	Fixed
chromium	c7	32.0.1700.102-alt0.M70P.1	38.0.2125.122-alt0.M70C.2	ALT-PU-2014-1140-1	113152	Fixed
chromium	p11	31.0.1650.63-alt1	125.0.6422.141-alt1	ALT-PU-2013-1266-1	110257	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html	Vendor Advisory
https://code.google.com/p/chromium/issues/detail?id=314469
https://src.chromium.org/viewvc/blink?revision=161598&view=revision	Patch
DSA-2811
openSUSE-SU-2013:1933
openSUSE-SU-2013:1927
1029442
56217
http://support.apple.com/kb/HT6145
openSUSE-SU-2014:0065
http://support.apple.com/kb/HT6163
http://support.apple.com/kb/HT6162
https://support.apple.com/kb/HT6537

Affected configurations:
1. Configuration 1
  cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.59:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.54:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.60:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.61:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.51:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.48:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.58:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.47:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.53:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.55:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.52:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.50:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.57:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
  End including
  31.0.1650.62
  cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*
  cpe:2.3:a:google:chrome:31.0.1650.49:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2013-6635: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1