Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2013-0879
Vulnerability from cvelistv5
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:41:47.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:16505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"name": "54886",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54886"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5934"
},
{
"name": "openSUSE-SU-2013:0454",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"name": "APPLE-SA-2013-06-04-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "oval:org.mitre.oval:def:16505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"name": "54886",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54886"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5934"
},
{
"name": "openSUSE-SU-2013:0454",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"name": "APPLE-SA-2013-06-04-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-0879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:16505",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
},
{
"name": "http://support.apple.com/kb/HT5785",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5785"
},
{
"name": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"name": "54886",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54886"
},
{
"name": "http://support.apple.com/kb/HT5934",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5934"
},
{
"name": "openSUSE-SU-2013:0454",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=172243",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"name": "APPLE-SA-2013-06-04-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2013-0879",
"datePublished": "2013-02-23T21:00:00",
"dateReserved": "2013-01-07T00:00:00",
"dateUpdated": "2024-08-06T14:41:47.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2013-0879\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2013-02-23T21:55:00.967\",\"lastModified\":\"2024-11-21T01:48:22.637\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, no implementa correctamente los nodos de web audio, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente tener otro impacto no especificado mediante vectores desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.0.1364.97\",\"matchCriteriaId\":\"0107C81D-3DF7-48EB-9907-A69D933C1A55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.0.1364.99\",\"matchCriteriaId\":\"E4443B52-0815-45EB-A1F8-BF045F0ED921\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5415705-33E5-46D5-8E4D-9EBADC8C5705\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}]}]}],\"references\":[{\"url\":\"http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://secunia.com/advisories/54886\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://support.apple.com/kb/HT5785\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://support.apple.com/kb/HT5934\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=172243\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/54886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5785\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=172243\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
gsd-2013-0879
Vulnerability from gsd
{
"GSD": {
"alias": "CVE-2013-0879",
"description": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"id": "GSD-2013-0879",
"references": [
"https://www.suse.com/security/cve/CVE-2013-0879.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-0879"
],
"details": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"id": "GSD-2013-0879",
"modified": "2023-12-13T01:22:15.462834Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-0879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:16505",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
},
{
"name": "http://support.apple.com/kb/HT5785",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5785"
},
{
"name": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"name": "54886",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54886"
},
{
"name": "http://support.apple.com/kb/HT5934",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5934"
},
{
"name": "openSUSE-SU-2013:0454",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=172243",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"name": "APPLE-SA-2013-06-04-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.0.1364.97",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "25.0.1364.99",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-0879"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=172243",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Vendor Advisory"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"name": "openSUSE-SU-2013:0454",
"refsource": "SUSE",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"name": "APPLE-SA-2013-06-04-2",
"refsource": "APPLE",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT5785",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5785"
},
{
"name": "http://support.apple.com/kb/HT5934",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5934"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
},
{
"name": "54886",
"refsource": "SECUNIA",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/54886"
},
{
"name": "oval:org.mitre.oval:def:16505",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2023-01-30T15:01Z",
"publishedDate": "2013-02-23T21:55Z"
}
}
}
var-201302-0278
Vulnerability from variot
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. This vulnerability Webkit Vulnerability in Webkit Other products that use may also be affected.Service disruption by a third party ( Memory corruption ) There is a possibility of being affected unspecified, such as being in a state. Google Chrome is prone to a memory-corruption vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Note: This issue was previously discussed in BID 58101 (Google Chrome Multiple Security Vulnerabilities), but has been moved to its own record to better document it. This may lead to a malicious alteration of the behavior of a form submission.
For OS X Mountain Lion systems Safari 6.0.5 is included with OS X v10.8.4. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201309-16
http://security.gentoo.org/
Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: September 24, 2013 Bugs: #442096, #444826, #445246, #446944, #451334, #453610, #458644, #460318, #460776, #463426, #470920, #472350, #476344, #479048, #481990 ID: 201309-16
Synopsis
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.
Background
Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 29.0.1457.57 >= 29.0.1457.57 2 dev-lang/v8 < 3.18.5.14 >= 3.18.5.14 ------------------------------------------------------------------- 2 affected packages
Description
Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.
Impact
A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass security restrictions or have other, unspecified, impact.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-29.0.1457.57"
All V8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.18.5.14"
References
[ 1 ] CVE-2012-5116 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5116 [ 2 ] CVE-2012-5117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5117 [ 3 ] CVE-2012-5118 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5118 [ 4 ] CVE-2012-5119 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5119 [ 5 ] CVE-2012-5120 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5120 [ 6 ] CVE-2012-5121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5121 [ 7 ] CVE-2012-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5122 [ 8 ] CVE-2012-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5123 [ 9 ] CVE-2012-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5124 [ 10 ] CVE-2012-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5125 [ 11 ] CVE-2012-5126 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5126 [ 12 ] CVE-2012-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5127 [ 13 ] CVE-2012-5128 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5128 [ 14 ] CVE-2012-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5130 [ 15 ] CVE-2012-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5132 [ 16 ] CVE-2012-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5133 [ 17 ] CVE-2012-5135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5135 [ 18 ] CVE-2012-5136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5136 [ 19 ] CVE-2012-5137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5137 [ 20 ] CVE-2012-5138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5138 [ 21 ] CVE-2012-5139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5139 [ 22 ] CVE-2012-5140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5140 [ 23 ] CVE-2012-5141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5141 [ 24 ] CVE-2012-5142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5142 [ 25 ] CVE-2012-5143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5143 [ 26 ] CVE-2012-5144 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5144 [ 27 ] CVE-2012-5145 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5145 [ 28 ] CVE-2012-5146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5146 [ 29 ] CVE-2012-5147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5147 [ 30 ] CVE-2012-5148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5148 [ 31 ] CVE-2012-5149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5149 [ 32 ] CVE-2012-5150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5150 [ 33 ] CVE-2012-5151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5151 [ 34 ] CVE-2012-5152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5152 [ 35 ] CVE-2012-5153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5153 [ 36 ] CVE-2012-5154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5154 [ 37 ] CVE-2013-0828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0828 [ 38 ] CVE-2013-0829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0829 [ 39 ] CVE-2013-0830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0830 [ 40 ] CVE-2013-0831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0831 [ 41 ] CVE-2013-0832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0832 [ 42 ] CVE-2013-0833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0833 [ 43 ] CVE-2013-0834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0834 [ 44 ] CVE-2013-0835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0835 [ 45 ] CVE-2013-0836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0836 [ 46 ] CVE-2013-0837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0837 [ 47 ] CVE-2013-0838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0838 [ 48 ] CVE-2013-0839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0839 [ 49 ] CVE-2013-0840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0840 [ 50 ] CVE-2013-0841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0841 [ 51 ] CVE-2013-0842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0842 [ 52 ] CVE-2013-0879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0879 [ 53 ] CVE-2013-0880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0880 [ 54 ] CVE-2013-0881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0881 [ 55 ] CVE-2013-0882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0882 [ 56 ] CVE-2013-0883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0883 [ 57 ] CVE-2013-0884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0884 [ 58 ] CVE-2013-0885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0885 [ 59 ] CVE-2013-0887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0887 [ 60 ] CVE-2013-0888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0888 [ 61 ] CVE-2013-0889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0889 [ 62 ] CVE-2013-0890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0890 [ 63 ] CVE-2013-0891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0891 [ 64 ] CVE-2013-0892 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0892 [ 65 ] CVE-2013-0893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0893 [ 66 ] CVE-2013-0894 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0894 [ 67 ] CVE-2013-0895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0895 [ 68 ] CVE-2013-0896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0896 [ 69 ] CVE-2013-0897 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0897 [ 70 ] CVE-2013-0898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0898 [ 71 ] CVE-2013-0899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0899 [ 72 ] CVE-2013-0900 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0900 [ 73 ] CVE-2013-0902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0902 [ 74 ] CVE-2013-0903 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0903 [ 75 ] CVE-2013-0904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0904 [ 76 ] CVE-2013-0905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0905 [ 77 ] CVE-2013-0906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0906 [ 78 ] CVE-2013-0907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0907 [ 79 ] CVE-2013-0908 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0908 [ 80 ] CVE-2013-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0909 [ 81 ] CVE-2013-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0910 [ 82 ] CVE-2013-0911 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0911 [ 83 ] CVE-2013-0912 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0912 [ 84 ] CVE-2013-0916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0916 [ 85 ] CVE-2013-0917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0917 [ 86 ] CVE-2013-0918 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0918 [ 87 ] CVE-2013-0919 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0919 [ 88 ] CVE-2013-0920 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0920 [ 89 ] CVE-2013-0921 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0921 [ 90 ] CVE-2013-0922 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0922 [ 91 ] CVE-2013-0923 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0923 [ 92 ] CVE-2013-0924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0924 [ 93 ] CVE-2013-0925 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0925 [ 94 ] CVE-2013-0926 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0926 [ 95 ] CVE-2013-2836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2836 [ 96 ] CVE-2013-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2837 [ 97 ] CVE-2013-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2838 [ 98 ] CVE-2013-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2839 [ 99 ] CVE-2013-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2840 [ 100 ] CVE-2013-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2841 [ 101 ] CVE-2013-2842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2842 [ 102 ] CVE-2013-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2843 [ 103 ] CVE-2013-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2844 [ 104 ] CVE-2013-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2845 [ 105 ] CVE-2013-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2846 [ 106 ] CVE-2013-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2847 [ 107 ] CVE-2013-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2848 [ 108 ] CVE-2013-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2849 [ 109 ] CVE-2013-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2853 [ 110 ] CVE-2013-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2855 [ 111 ] CVE-2013-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2856 [ 112 ] CVE-2013-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2857 [ 113 ] CVE-2013-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2858 [ 114 ] CVE-2013-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2859 [ 115 ] CVE-2013-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2860 [ 116 ] CVE-2013-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2861 [ 117 ] CVE-2013-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2862 [ 118 ] CVE-2013-2863 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2863 [ 119 ] CVE-2013-2865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2865 [ 120 ] CVE-2013-2867 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2867 [ 121 ] CVE-2013-2868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2868 [ 122 ] CVE-2013-2869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2869 [ 123 ] CVE-2013-2870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2870 [ 124 ] CVE-2013-2871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2871 [ 125 ] CVE-2013-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2874 [ 126 ] CVE-2013-2875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2875 [ 127 ] CVE-2013-2876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2876 [ 128 ] CVE-2013-2877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877 [ 129 ] CVE-2013-2878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2878 [ 130 ] CVE-2013-2879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2879 [ 131 ] CVE-2013-2880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2880 [ 132 ] CVE-2013-2881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2881 [ 133 ] CVE-2013-2882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2882 [ 134 ] CVE-2013-2883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2883 [ 135 ] CVE-2013-2884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2884 [ 136 ] CVE-2013-2885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2885 [ 137 ] CVE-2013-2886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2886 [ 138 ] CVE-2013-2887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2887 [ 139 ] CVE-2013-2900 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2900 [ 140 ] CVE-2013-2901 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2901 [ 141 ] CVE-2013-2902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2902 [ 142 ] CVE-2013-2903 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2903 [ 143 ] CVE-2013-2904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2904 [ 144 ] CVE-2013-2905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2905 [ 145 ] Release Notes 23.0.1271.64
http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html [ 146 ] Release Notes 23.0.1271.91
http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html [ 147 ] Release Notes 23.0.1271.95
http://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-16.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. In certain contexts, an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-09-18-2 iOS 7
iOS 7 is now available and addresses the following:
Certificate Trust Policy Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots.
CoreGraphics Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team
CoreMedia Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of Sorenson encoded movie files. This issue was addressed through improved bounds checking. CVE-ID CVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP's Zero Day Initiative
Data Protection Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Apps could bypass passcode-attempt restrictions Description: A privilege separation issue existed in Data Protection. An app within the third-party sandbox could repeatedly attempt to determine the user's passcode regardless of the user's "Erase Data" setting. This issue was addressed by requiring additional entitlement checks. CVE-ID CVE-2013-0957 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University
Data Security Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS). This update added the involved sub-CA certificate to OS X's list of untrusted certificates. CVE-ID CVE-2013-5134
dyld Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who has arbitrary code execution on a device may be able to persist code execution across reboots Description: Multiple buffer overflows existed in dyld's openSharedCacheFile() function. These issues were addressed through improved bounds checking. CVE-ID CVE-2013-3950 : Stefan Esser
File Systems Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker who can mount a non-HFS filesystem may be able to cause an unexpected system termination or arbitrary code execution with kernel privileges Description: A memory corruption issue existed in the handling of AppleDouble files. This issue was addressed by removing support for AppleDouble files. CVE-ID CVE-2013-3955 : Stefan Esser
ImageIO Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team
IOKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Background applications could inject user interface events into the foreground app Description: It was possible for background applications to inject user interface events into the foreground application using the task completion or VoIP APIs. This issue was addressed by enforcing access controls on foreground and background processes that handle interface events. CVE-ID CVE-2013-5137 : Mackenzie Straight at Mobile Labs
IOKitUser Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious local application could cause an unexpected system termination Description: A null pointer dereference existed in IOCatalogue. The issue was addressed through additional type checking. CVE-ID CVE-2013-5138 : Will Estes
IOSerialFamily Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Executing a malicious application may result in arbitrary code execution within the kernel Description: An out of bounds array access existed in the IOSerialFamily driver. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-5139 : @dent1zt
IPSec Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by improved certificate checking. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A remote attacker can cause a device to unexpectedly restart Description: Sending an invalid packet fragment to a device can cause a kernel assert to trigger, leading to a device restart. The issue was addressed through additional validation of packet fragments. CVE-ID CVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous researcher working with CERT-FI, Antti LevomAki and Lauri Virtanen of Vulnerability Analysis Group, Stonesoft
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious local application could cause device hang Description: An integer truncation vulnerability in the kernel socket interface could be leveraged to force the CPU into an infinite loop. The issue was addressed by using a larger sized variable. CVE-ID CVE-2013-5141 : CESG
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker on a local network can cause a denial of service Description: An attacker on a local network can send specially crafted IPv6 ICMP packets and cause high CPU load. The issue was addressed by rate limiting ICMP packets before verifying their checksum. CVE-ID CVE-2011-2391 : Marc Heuse
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Kernel stack memory may be disclosed to local users Description: An information disclosure issue existed in the msgctl and segctl APIs. This issue was addressed by initializing data structures returned from the kernel. CVE-ID CVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Unprivileged processes could get access to the contents of kernel memory which could lead to privilege escalation Description: An information disclosure issue existed in the mach_port_space_info API. This issue was addressed by initializing the iin_collision field in structures returned from the kernel. CVE-ID CVE-2013-3953 : Stefan Esser
Kernel Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Unprivileged processes may be able to cause an unexpected system termination or arbitrary code execution in the kernel Description: A memory corruption issue existed in the handling of arguments to the posix_spawn API. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-3954 : Stefan Esser
Kext Management Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An unauthorized process may modify the set of loaded kernel extensions Description: An issue existed in kextd's handling of IPC messages from unauthenticated senders. This issue was addressed by adding additional authorization checks. CVE-ID CVE-2013-5145 : "Rainbow PRISM"
libxml Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libxml. These issues were addressed by updating libxml to version 2.9.0. CVE-ID CVE-2011-3102 : Juri Aedla CVE-2012-0841 CVE-2012-2807 : Juri Aedla CVE-2012-5134 : Google Chrome Security Team (Juri Aedla)
libxslt Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libxslt. These issues were addressed by updating libxslt to version 1.1.28. CVE-ID CVE-2012-2825 : Nicolas Gregoire CVE-2012-2870 : Nicolas Gregoire CVE-2012-2871 : Kai Lu of Fortinet's FortiGuard Labs, Nicolas Gregoire
Passcode Lock Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of phone calls and SIM card ejection at the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2013-5147 : videosdebarraquito
Personal Hotspot Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: An attacker may be able to join a Personal Hotspot network Description: An issue existed in the generation of Personal Hotspot passwords, resulting in passwords that could be predicted by an attacker to join a user's Personal Hotspot. The issue was addressed by generating passwords with higher entropy. CVE-ID CVE-2013-4616 : Andreas Kurtz of NESO Security Labs and Daniel Metz of University Erlangen-Nuremberg
Push Notifications Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: The push notification token may be disclosed to an app contrary to the user's decision Description: An information disclosure issue existed in push notification registration. Apps requesting access to the push notification access received the token before the user approved the app's use of push notifications. This issue was addressed by withholding access to the token until the user has approved access. CVE-ID CVE-2013-5149 : Jack Flintermann of Grouper, Inc.
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of XML files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1036 : Kai Lu of Fortinet's FortiGuard Labs
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: History of pages recently visited in an open tab may remain after clearing of history Description: Clearing Safari's history did not clear the back/forward history for open tabs. This issue was addressed by clearing the back/forward history. CVE-ID CVE-2013-5150
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing files on a website may lead to script execution even when the server sends a 'Content-Type: text/plain' header Description: Mobile Safari sometimes treated files as HTML files even when the server sent a 'Content-Type: text/plain' header. This may lead to cross-site scripting on sites that allow users to upload files. This issue was addressed through improved handling of files when 'Content-Type: text/plain' is set. CVE-ID CVE-2013-5151 : Ben Toews of Github
Safari Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may allow an arbitrary URL to be displayed Description: A URL bar spoofing issue existed in Mobile Safari. This issue was addressed through improved URL tracking. CVE-ID CVE-2013-5152 : Keita Haga of keitahaga.com, Lukasz Pilorz of RBS
Sandbox Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Applications that are scripts were not sandboxed Description: Third-party applications which used the #! syntax to run a script were sandboxed based on the identity of the script interpreter, not the script. The interpreter may not have a sandbox defined, leading to the application being run unsandboxed. This issue was addressed by creating the sandbox based on the identity of the script. CVE-ID CVE-2013-5154 : evad3rs
Sandbox Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Applications can cause a system hang Description: Malicious third-party applications that wrote specific values to the /dev/random device could force the CPU to enter an infinite loop. This issue was addressed by preventing third-party applications from writing to /dev/random. CVE-ID CVE-2013-5155 : CESG
Social Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Users recent Twitter activity could be disclosed on devices with no passcode. Description: An issue existed where it was possible to determine what Twitter accounts a user had recently interacted with. This issue was resolved by restricting access to the Twitter icon cache. CVE-ID CVE-2013-5158 : Jonathan Zdziarski
Springboard Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A person with physical access to a device in Lost Mode may be able to view notifications Description: An issue existed in the handling of notifications when a device is in Lost Mode. This update addresses the issue with improved lock state management. CVE-ID CVE-2013-5153 : Daniel Stangroom
Telephony Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Malicious apps could interfere with or control telephony functionality Description: An access control issue existed in the telephony subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling telephony functionality. This issue was addressed by enforcing access controls on interfaces exposed by the telephony daemon. CVE-ID CVE-2013-5156 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology
Twitter Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Sandboxed apps could send tweets without user interaction or permission Description: An access control issue existed in the Twitter subsystem. Bypassing supported APIs, sandboxed apps could make requests directly to a system daemon interfering with or controlling Twitter functionality. This issue was addressed by enforcing access controls on interfaces exposed by the Twitter daemon. CVE-ID CVE-2013-5157 : Jin Han of the Institute for Infocomm Research working with Qiang Yan and Su Mon Kywe of Singapore Management University; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee from the Georgia Institute of Technology
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2013-0879 : Atte Kettunen of OUSPG CVE-2013-0991 : Jay Civelli of the Chromium development community CVE-2013-0992 : Google Chrome Security Team (Martin Barbella) CVE-2013-0993 : Google Chrome Security Team (Inferno) CVE-2013-0994 : David German of Google CVE-2013-0995 : Google Chrome Security Team (Inferno) CVE-2013-0996 : Google Chrome Security Team (Inferno) CVE-2013-0997 : Vitaliy Toropov working with HP's Zero Day Initiative CVE-2013-0998 : pa_kt working with HP's Zero Day Initiative CVE-2013-0999 : pa_kt working with HP's Zero Day Initiative CVE-2013-1000 : Fermin J. Serna of the Google Security Team CVE-2013-1001 : Ryan Humenick CVE-2013-1002 : Sergey Glazunov CVE-2013-1003 : Google Chrome Security Team (Inferno) CVE-2013-1004 : Google Chrome Security Team (Martin Barbella) CVE-2013-1005 : Google Chrome Security Team (Martin Barbella) CVE-2013-1006 : Google Chrome Security Team (Martin Barbella) CVE-2013-1007 : Google Chrome Security Team (Inferno) CVE-2013-1008 : Sergey Glazunov CVE-2013-1010 : miaubiz CVE-2013-1037 : Google Chrome Security Team CVE-2013-1038 : Google Chrome Security Team CVE-2013-1039 : own-hero Research working with iDefense VCP CVE-2013-1040 : Google Chrome Security Team CVE-2013-1041 : Google Chrome Security Team CVE-2013-1042 : Google Chrome Security Team CVE-2013-1043 : Google Chrome Security Team CVE-2013-1044 : Apple CVE-2013-1045 : Google Chrome Security Team CVE-2013-1046 : Google Chrome Security Team CVE-2013-1047 : miaubiz CVE-2013-2842 : Cyril Cattiaux CVE-2013-5125 : Google Chrome Security Team CVE-2013-5126 : Apple CVE-2013-5127 : Google Chrome Security Team CVE-2013-5128 : Apple
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a malicious website may lead to information disclosure Description: An information disclosure issue existed in the handling of the window.webkitRequestAnimationFrame() API. A maliciously crafted website could use an iframe to determine if another site used window.webkitRequestAnimationFrame(). This issue was addressed through improved handling of window.webkitRequestAnimationFrame(). CVE-ID CVE-2013-5159
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Copying and pasting a malicious HTML snippet may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of copied and pasted data in HTML documents. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c (xysec.com)
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of iframes. This issue was addressed through improved origin tracking. CVE-ID CVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: An information disclosure issue existed in XSSAuditor. This issue was addressed through improved handling of URLs. CVE-ID CVE-2013-2848 : Egor Homakov
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Dragging or pasting a selection may lead to a cross-site scripting attack Description: Dragging or pasting a selection from one site to another may allow scripts contained in the selection to be executed in the context of the new site. This issue is addressed through additional validation of content before a paste or a drag and drop operation. CVE-ID CVE-2013-5129 : Mario Heiderich
WebKit Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of URLs. This issue was addressed through improved origin tracking. CVE-ID CVE-2013-5131 : Erling A Ellingsen
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "7.0".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSOe4/AAoJEPefwLHPlZEwToUP/jUGETRBdUjwN/gMmQAtl6zN 0VUMbnsNH51Lhsr15p9EHYJUL97pajT0N1gdd8Q2l+2NHkQzQLJziXgsO6VFOX7e GoLNvlbyfoE0Ac9dSm9w7yi2lVf8bjGZKmEH0DAXzZD5s0ThiqPZCjTo8rCODMH2 TyQgkYtcXtrAHYaFe0dceWe3Q0ORu24cuFg0xeqX+7QvzK9mSeJWiN8OtimMzDni 5Dvgn7emHiuI6f3huQ25bEXK4gjN+CGwXg2RhQ7fwm9IeBdLnH1qKrFrrMHIhbrK ibvud5jLS0ltUH+XnfBkoCkBntOO11vYllti8oIGCgaa5NkVkEOKbHy9uh6riGHT KXYU/LfM8tt8Ax6iknn4mYC2QYbv7OIyzSfu/scWbeawsJb4OMx71oJrROTArgQG QthFQvFk7NSe5kQlNz+xQHI5LP/ZSHTKdwT69zPIzjWQBOdcZ+4GQvmMsbKIeZeY I2oIull2C7XYav8B0o+l4WlyEewNCOHQ8znapZnjCRKT/FF/ueG/WO0J4SEWUbQz Kf24sZtFtm51QekPS3vc1XHacqJLELD8ugtgYC3hh9vUqkLV3UxpLKvI8uoOPUDt SCV3qSpaxgBQtJWUZPq0MWVTDJKzX4MEB8e1p4jZAggEzfx9AdT0s7XyGm9H/UsR GowSVGG+cJtvrngVhy3E =dNVy -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0278",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "25.0.1364.97"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "25.0.1364.97 (windows and linux)"
},
{
"model": "chrome",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "25.0.1364.99 (mac os x)"
},
{
"model": "tv",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.0 (apple tv first 2 after generation )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7 (iphone 4 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7 (ipod touch first 5 after generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.0.3 (windows)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.83"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375127"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1042"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.4.0.80"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19.0.1084.21"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.46"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.168"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.70"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.53"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "24.0.1312.70"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.47255"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.64"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19.0.1084.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375125"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.43"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "24.0.1312.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.89"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "64"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "24.0.1312.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491064"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.97"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.142"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "22.0.1229.79"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96379"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.91"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.548.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37599"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.78"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.3.1549"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.61"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.82"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.249.89"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "22.0.1229.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.57"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.96365"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.31"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.97"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1045"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.23"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.7"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "24.0.1312.52"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "22.0.1229.92"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.249.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5.1"
},
{
"model": "ios for developer",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.43"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.44"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.151"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.83"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025.162"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.95"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.33"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.0.0.163"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.53"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.48"
},
{
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6.1.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.64"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.211.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37586"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491059"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491036"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.29"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
}
],
"sources": [
{
"db": "BID",
"id": "59326"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "121925"
},
{
"db": "PACKETSTORM",
"id": "121672"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
}
],
"trust": 0.4
},
"cve": "CVE-2013-0879",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-0879",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-60881",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-0879",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-0879",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-459",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-60881",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. This vulnerability Webkit Vulnerability in Webkit Other products that use may also be affected.Service disruption by a third party ( Memory corruption ) There is a possibility of being affected unspecified, such as being in a state. Google Chrome is prone to a memory-corruption vulnerability. \nSuccessful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNote: This issue was previously discussed in BID 58101 (Google Chrome Multiple Security Vulnerabilities), but has been moved to its own record to better document it. This may lead to a malicious alteration of the\nbehavior of a form submission. \n\nFor OS X Mountain Lion systems Safari 6.0.5 is included with\nOS X v10.8.4. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201309-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, V8: Multiple vulnerabilities\n Date: September 24, 2013\n Bugs: #442096, #444826, #445246, #446944, #451334, #453610,\n #458644, #460318, #460776, #463426, #470920, #472350,\n #476344, #479048, #481990\n ID: 201309-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open-source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 29.0.1457.57 \u003e= 29.0.1457.57\n 2 dev-lang/v8 \u003c 3.18.5.14 \u003e= 3.18.5.14\n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess or a Denial of Service condition. Furthermore, a remote\nattacker may be able to bypass security restrictions or have other,\nunspecified, impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-29.0.1457.57\"\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.18.5.14\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5116\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5116\n[ 2 ] CVE-2012-5117\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5117\n[ 3 ] CVE-2012-5118\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5118\n[ 4 ] CVE-2012-5119\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5119\n[ 5 ] CVE-2012-5120\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5120\n[ 6 ] CVE-2012-5121\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5121\n[ 7 ] CVE-2012-5122\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5122\n[ 8 ] CVE-2012-5123\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5123\n[ 9 ] CVE-2012-5124\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5124\n[ 10 ] CVE-2012-5125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5125\n[ 11 ] CVE-2012-5126\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5126\n[ 12 ] CVE-2012-5127\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5127\n[ 13 ] CVE-2012-5128\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5128\n[ 14 ] CVE-2012-5130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5130\n[ 15 ] CVE-2012-5132\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5132\n[ 16 ] CVE-2012-5133\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5133\n[ 17 ] CVE-2012-5135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5135\n[ 18 ] CVE-2012-5136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5136\n[ 19 ] CVE-2012-5137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5137\n[ 20 ] CVE-2012-5138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5138\n[ 21 ] CVE-2012-5139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5139\n[ 22 ] CVE-2012-5140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5140\n[ 23 ] CVE-2012-5141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5141\n[ 24 ] CVE-2012-5142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5142\n[ 25 ] CVE-2012-5143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5143\n[ 26 ] CVE-2012-5144\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5144\n[ 27 ] CVE-2012-5145\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5145\n[ 28 ] CVE-2012-5146\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5146\n[ 29 ] CVE-2012-5147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5147\n[ 30 ] CVE-2012-5148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5148\n[ 31 ] CVE-2012-5149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5149\n[ 32 ] CVE-2012-5150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5150\n[ 33 ] CVE-2012-5151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5151\n[ 34 ] CVE-2012-5152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5152\n[ 35 ] CVE-2012-5153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5153\n[ 36 ] CVE-2012-5154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5154\n[ 37 ] CVE-2013-0828\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0828\n[ 38 ] CVE-2013-0829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0829\n[ 39 ] CVE-2013-0830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0830\n[ 40 ] CVE-2013-0831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0831\n[ 41 ] CVE-2013-0832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0832\n[ 42 ] CVE-2013-0833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0833\n[ 43 ] CVE-2013-0834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0834\n[ 44 ] CVE-2013-0835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0835\n[ 45 ] CVE-2013-0836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0836\n[ 46 ] CVE-2013-0837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0837\n[ 47 ] CVE-2013-0838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0838\n[ 48 ] CVE-2013-0839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0839\n[ 49 ] CVE-2013-0840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0840\n[ 50 ] CVE-2013-0841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0841\n[ 51 ] CVE-2013-0842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0842\n[ 52 ] CVE-2013-0879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0879\n[ 53 ] CVE-2013-0880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0880\n[ 54 ] CVE-2013-0881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0881\n[ 55 ] CVE-2013-0882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0882\n[ 56 ] CVE-2013-0883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0883\n[ 57 ] CVE-2013-0884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0884\n[ 58 ] CVE-2013-0885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0885\n[ 59 ] CVE-2013-0887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0887\n[ 60 ] CVE-2013-0888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0888\n[ 61 ] CVE-2013-0889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0889\n[ 62 ] CVE-2013-0890\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0890\n[ 63 ] CVE-2013-0891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0891\n[ 64 ] CVE-2013-0892\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0892\n[ 65 ] CVE-2013-0893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0893\n[ 66 ] CVE-2013-0894\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0894\n[ 67 ] CVE-2013-0895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0895\n[ 68 ] CVE-2013-0896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0896\n[ 69 ] CVE-2013-0897\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0897\n[ 70 ] CVE-2013-0898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0898\n[ 71 ] CVE-2013-0899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0899\n[ 72 ] CVE-2013-0900\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0900\n[ 73 ] CVE-2013-0902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0902\n[ 74 ] CVE-2013-0903\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0903\n[ 75 ] CVE-2013-0904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0904\n[ 76 ] CVE-2013-0905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0905\n[ 77 ] CVE-2013-0906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0906\n[ 78 ] CVE-2013-0907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0907\n[ 79 ] CVE-2013-0908\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0908\n[ 80 ] CVE-2013-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0909\n[ 81 ] CVE-2013-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0910\n[ 82 ] CVE-2013-0911\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0911\n[ 83 ] CVE-2013-0912\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0912\n[ 84 ] CVE-2013-0916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0916\n[ 85 ] CVE-2013-0917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0917\n[ 86 ] CVE-2013-0918\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0918\n[ 87 ] CVE-2013-0919\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0919\n[ 88 ] CVE-2013-0920\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0920\n[ 89 ] CVE-2013-0921\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0921\n[ 90 ] CVE-2013-0922\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0922\n[ 91 ] CVE-2013-0923\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0923\n[ 92 ] CVE-2013-0924\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0924\n[ 93 ] CVE-2013-0925\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0925\n[ 94 ] CVE-2013-0926\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0926\n[ 95 ] CVE-2013-2836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2836\n[ 96 ] CVE-2013-2837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2837\n[ 97 ] CVE-2013-2838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2838\n[ 98 ] CVE-2013-2839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2839\n[ 99 ] CVE-2013-2840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2840\n[ 100 ] CVE-2013-2841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2841\n[ 101 ] CVE-2013-2842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2842\n[ 102 ] CVE-2013-2843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2843\n[ 103 ] CVE-2013-2844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2844\n[ 104 ] CVE-2013-2845\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2845\n[ 105 ] CVE-2013-2846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2846\n[ 106 ] CVE-2013-2847\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2847\n[ 107 ] CVE-2013-2848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2848\n[ 108 ] CVE-2013-2849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2849\n[ 109 ] CVE-2013-2853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2853\n[ 110 ] CVE-2013-2855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2855\n[ 111 ] CVE-2013-2856\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2856\n[ 112 ] CVE-2013-2857\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2857\n[ 113 ] CVE-2013-2858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2858\n[ 114 ] CVE-2013-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2859\n[ 115 ] CVE-2013-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2860\n[ 116 ] CVE-2013-2861\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2861\n[ 117 ] CVE-2013-2862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2862\n[ 118 ] CVE-2013-2863\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2863\n[ 119 ] CVE-2013-2865\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2865\n[ 120 ] CVE-2013-2867\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2867\n[ 121 ] CVE-2013-2868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2868\n[ 122 ] CVE-2013-2869\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2869\n[ 123 ] CVE-2013-2870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2870\n[ 124 ] CVE-2013-2871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2871\n[ 125 ] CVE-2013-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2874\n[ 126 ] CVE-2013-2875\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2875\n[ 127 ] CVE-2013-2876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2876\n[ 128 ] CVE-2013-2877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877\n[ 129 ] CVE-2013-2878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2878\n[ 130 ] CVE-2013-2879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2879\n[ 131 ] CVE-2013-2880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2880\n[ 132 ] CVE-2013-2881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2881\n[ 133 ] CVE-2013-2882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2882\n[ 134 ] CVE-2013-2883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2883\n[ 135 ] CVE-2013-2884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2884\n[ 136 ] CVE-2013-2885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2885\n[ 137 ] CVE-2013-2886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2886\n[ 138 ] CVE-2013-2887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2887\n[ 139 ] CVE-2013-2900\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2900\n[ 140 ] CVE-2013-2901\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2901\n[ 141 ] CVE-2013-2902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2902\n[ 142 ] CVE-2013-2903\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2903\n[ 143 ] CVE-2013-2904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2904\n[ 144 ] CVE-2013-2905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2905\n[ 145 ] Release Notes 23.0.1271.64\n\nhttp://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html\n[ 146 ] Release Notes 23.0.1271.91\n\nhttp://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html\n[ 147 ] Release Notes 23.0.1271.95\n\nhttp://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-16.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. In\ncertain contexts, an active network attacker could present untrusted\ncertificates to iTunes and they would be accepted without warning. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-09-18-2 iOS 7\n\niOS 7 is now available and addresses the following:\n\nCertificate Trust Policy\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Root certificates have been updated\nDescription: Several certificates were added to or removed from the\nlist of system roots. \n\nCoreGraphics\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JBIG2\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1025 : Felix Groebert of the Google Security Team\n\nCoreMedia\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of Sorenson\nencoded movie files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2013-1019 : Tom Gallagher (Microsoft) \u0026 Paul Bates (Microsoft)\nworking with HP\u0027s Zero Day Initiative\n\nData Protection\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Apps could bypass passcode-attempt restrictions\nDescription: A privilege separation issue existed in Data\nProtection. An app within the third-party sandbox could repeatedly\nattempt to determine the user\u0027s passcode regardless of the user\u0027s\n\"Erase Data\" setting. This issue was addressed by requiring\nadditional entitlement checks. \nCVE-ID\nCVE-2013-0957 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity\n\nData Security\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: TrustWave, a trusted root CA, has issued, and\nsubsequently revoked, a sub-CA certificate from one of its trusted\nanchors. This sub-CA facilitated the interception of communications\nsecured by Transport Layer Security (TLS). This update added the\ninvolved sub-CA certificate to OS X\u0027s list of untrusted certificates. \nCVE-ID\nCVE-2013-5134\n\ndyld\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker who has arbitrary code execution on a device may\nbe able to persist code execution across reboots\nDescription: Multiple buffer overflows existed in dyld\u0027s\nopenSharedCacheFile() function. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2013-3950 : Stefan Esser\n\nFile Systems\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker who can mount a non-HFS filesystem may be able\nto cause an unexpected system termination or arbitrary code execution\nwith kernel privileges\nDescription: A memory corruption issue existed in the handling of\nAppleDouble files. This issue was addressed by removing support for\nAppleDouble files. \nCVE-ID\nCVE-2013-3955 : Stefan Esser\n\nImageIO\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JPEG2000\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1026 : Felix Groebert of the Google Security Team\n\nIOKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Background applications could inject user interface events\ninto the foreground app\nDescription: It was possible for background applications to inject\nuser interface events into the foreground application using the task\ncompletion or VoIP APIs. This issue was addressed by enforcing access\ncontrols on foreground and background processes that handle interface\nevents. \nCVE-ID\nCVE-2013-5137 : Mackenzie Straight at Mobile Labs\n\nIOKitUser\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious local application could cause an unexpected\nsystem termination\nDescription: A null pointer dereference existed in IOCatalogue. \nThe issue was addressed through additional type checking. \nCVE-ID\nCVE-2013-5138 : Will Estes\n\nIOSerialFamily\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Executing a malicious application may result in arbitrary\ncode execution within the kernel\nDescription: An out of bounds array access existed in the\nIOSerialFamily driver. This issue was addressed through additional\nbounds checking. \nCVE-ID\nCVE-2013-5139 : @dent1zt\n\nIPSec\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may intercept data protected with IPSec Hybrid\nAuth\nDescription: The DNS name of an IPSec Hybrid Auth server was not\nbeing matched against the certificate, allowing an attacker with a\ncertificate for any server to impersonate any other. This issue was\naddressed by improved certificate checking. \nCVE-ID\nCVE-2013-1028 : Alexander Traud of www.traud.de\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A remote attacker can cause a device to unexpectedly restart\nDescription: Sending an invalid packet fragment to a device can\ncause a kernel assert to trigger, leading to a device restart. The\nissue was addressed through additional validation of packet\nfragments. \nCVE-ID\nCVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous\nresearcher working with CERT-FI, Antti LevomAki and Lauri Virtanen\nof Vulnerability Analysis Group, Stonesoft\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A malicious local application could cause device hang\nDescription: An integer truncation vulnerability in the kernel\nsocket interface could be leveraged to force the CPU into an infinite\nloop. The issue was addressed by using a larger sized variable. \nCVE-ID\nCVE-2013-5141 : CESG\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker on a local network can cause a denial of service\nDescription: An attacker on a local network can send specially\ncrafted IPv6 ICMP packets and cause high CPU load. The issue was\naddressed by rate limiting ICMP packets before verifying their\nchecksum. \nCVE-ID\nCVE-2011-2391 : Marc Heuse\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Kernel stack memory may be disclosed to local users\nDescription: An information disclosure issue existed in the msgctl\nand segctl APIs. This issue was addressed by initializing data\nstructures returned from the kernel. \nCVE-ID\nCVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Unprivileged processes could get access to the contents of\nkernel memory which could lead to privilege escalation\nDescription: An information disclosure issue existed in the\nmach_port_space_info API. This issue was addressed by initializing\nthe iin_collision field in structures returned from the kernel. \nCVE-ID\nCVE-2013-3953 : Stefan Esser\n\nKernel\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Unprivileged processes may be able to cause an unexpected\nsystem termination or arbitrary code execution in the kernel\nDescription: A memory corruption issue existed in the handling of\narguments to the posix_spawn API. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-3954 : Stefan Esser\n\nKext Management\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An unauthorized process may modify the set of loaded kernel\nextensions\nDescription: An issue existed in kextd\u0027s handling of IPC messages\nfrom unauthenticated senders. This issue was addressed by adding\nadditional authorization checks. \nCVE-ID\nCVE-2013-5145 : \"Rainbow PRISM\"\n\nlibxml\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in libxml. \nThese issues were addressed by updating libxml to version 2.9.0. \nCVE-ID\nCVE-2011-3102 : Juri Aedla\nCVE-2012-0841\nCVE-2012-2807 : Juri Aedla\nCVE-2012-5134 : Google Chrome Security Team (Juri Aedla)\n\nlibxslt\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in libxslt. \nThese issues were addressed by updating libxslt to version 1.1.28. \nCVE-ID\nCVE-2012-2825 : Nicolas Gregoire\nCVE-2012-2870 : Nicolas Gregoire\nCVE-2012-2871 : Kai Lu of Fortinet\u0027s FortiGuard Labs, Nicolas\nGregoire\n\nPasscode Lock\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of phone\ncalls and SIM card ejection at the lock screen. This issue was\naddressed through improved lock state management. \nCVE-ID\nCVE-2013-5147 : videosdebarraquito\n\nPersonal Hotspot\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: An attacker may be able to join a Personal Hotspot network\nDescription: An issue existed in the generation of Personal Hotspot\npasswords, resulting in passwords that could be predicted by an\nattacker to join a user\u0027s Personal Hotspot. The issue was addressed\nby generating passwords with higher entropy. \nCVE-ID\nCVE-2013-4616 : Andreas Kurtz of NESO Security Labs and Daniel Metz\nof University Erlangen-Nuremberg\n\nPush Notifications\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: The push notification token may be disclosed to an app\ncontrary to the user\u0027s decision\nDescription: An information disclosure issue existed in push\nnotification registration. Apps requesting access to the push\nnotification access received the token before the user approved the\napp\u0027s use of push notifications. This issue was addressed by\nwithholding access to the token until the user has approved access. \nCVE-ID\nCVE-2013-5149 : Jack Flintermann of Grouper, Inc. \n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nXML files. This issue was addressed through additional bounds\nchecking. \nCVE-ID\nCVE-2013-1036 : Kai Lu of Fortinet\u0027s FortiGuard Labs\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: History of pages recently visited in an open tab may remain\nafter clearing of history\nDescription: Clearing Safari\u0027s history did not clear the\nback/forward history for open tabs. This issue was addressed by\nclearing the back/forward history. \nCVE-ID\nCVE-2013-5150\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Viewing files on a website may lead to script execution even\nwhen the server sends a \u0027Content-Type: text/plain\u0027 header\nDescription: Mobile Safari sometimes treated files as HTML files\neven when the server sent a \u0027Content-Type: text/plain\u0027 header. This\nmay lead to cross-site scripting on sites that allow users to upload\nfiles. This issue was addressed through improved handling of files\nwhen \u0027Content-Type: text/plain\u0027 is set. \nCVE-ID\nCVE-2013-5151 : Ben Toews of Github\n\nSafari\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may allow an arbitrary URL to\nbe displayed\nDescription: A URL bar spoofing issue existed in Mobile Safari. This\nissue was addressed through improved URL tracking. \nCVE-ID\nCVE-2013-5152 : Keita Haga of keitahaga.com, Lukasz Pilorz of RBS\n\nSandbox\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Applications that are scripts were not sandboxed\nDescription: Third-party applications which used the #! syntax to\nrun a script were sandboxed based on the identity of the script\ninterpreter, not the script. The interpreter may not have a sandbox\ndefined, leading to the application being run unsandboxed. This issue\nwas addressed by creating the sandbox based on the identity of the\nscript. \nCVE-ID\nCVE-2013-5154 : evad3rs\n\nSandbox\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Applications can cause a system hang\nDescription: Malicious third-party applications that wrote specific\nvalues to the /dev/random device could force the CPU to enter an\ninfinite loop. This issue was addressed by preventing third-party\napplications from writing to /dev/random. \nCVE-ID\nCVE-2013-5155 : CESG\n\nSocial\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Users recent Twitter activity could be disclosed on devices\nwith no passcode. \nDescription: An issue existed where it was possible to determine\nwhat Twitter accounts a user had recently interacted with. This issue\nwas resolved by restricting access to the Twitter icon cache. \nCVE-ID\nCVE-2013-5158 : Jonathan Zdziarski\n\nSpringboard\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: A person with physical access to a device in Lost Mode may\nbe able to view notifications\nDescription: An issue existed in the handling of notifications when\na device is in Lost Mode. This update addresses the issue with\nimproved lock state management. \nCVE-ID\nCVE-2013-5153 : Daniel Stangroom\n\nTelephony\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Malicious apps could interfere with or control telephony\nfunctionality\nDescription: An access control issue existed in the telephony\nsubsystem. Bypassing supported APIs, sandboxed apps could make\nrequests directly to a system daemon interfering with or controlling\ntelephony functionality. This issue was addressed by enforcing access\ncontrols on interfaces exposed by the telephony daemon. \nCVE-ID\nCVE-2013-5156 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\nLee from the Georgia Institute of Technology\n\nTwitter\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Sandboxed apps could send tweets without user interaction or\npermission\nDescription: An access control issue existed in the Twitter\nsubsystem. Bypassing supported APIs, sandboxed apps could make\nrequests directly to a system daemon interfering with or controlling\nTwitter functionality. This issue was addressed by enforcing access\ncontrols on interfaces exposed by the Twitter daemon. \nCVE-ID\nCVE-2013-5157 : Jin Han of the Institute for Infocomm Research\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\nLee from the Georgia Institute of Technology\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2013-0879 : Atte Kettunen of OUSPG\nCVE-2013-0991 : Jay Civelli of the Chromium development community\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\nCVE-2013-0994 : David German of Google\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\nCVE-2013-0997 : Vitaliy Toropov working with HP\u0027s Zero Day Initiative\nCVE-2013-0998 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2013-0999 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\nCVE-2013-1001 : Ryan Humenick\nCVE-2013-1002 : Sergey Glazunov\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\nCVE-2013-1008 : Sergey Glazunov\nCVE-2013-1010 : miaubiz\nCVE-2013-1037 : Google Chrome Security Team\nCVE-2013-1038 : Google Chrome Security Team\nCVE-2013-1039 : own-hero Research working with iDefense VCP\nCVE-2013-1040 : Google Chrome Security Team\nCVE-2013-1041 : Google Chrome Security Team\nCVE-2013-1042 : Google Chrome Security Team\nCVE-2013-1043 : Google Chrome Security Team\nCVE-2013-1044 : Apple\nCVE-2013-1045 : Google Chrome Security Team\nCVE-2013-1046 : Google Chrome Security Team\nCVE-2013-1047 : miaubiz\nCVE-2013-2842 : Cyril Cattiaux\nCVE-2013-5125 : Google Chrome Security Team\nCVE-2013-5126 : Apple\nCVE-2013-5127 : Google Chrome Security Team\nCVE-2013-5128 : Apple\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a malicious website may lead to information\ndisclosure\nDescription: An information disclosure issue existed in the handling\nof the window.webkitRequestAnimationFrame() API. A maliciously\ncrafted website could use an iframe to determine if another site used\nwindow.webkitRequestAnimationFrame(). This issue was addressed\nthrough improved handling of window.webkitRequestAnimationFrame(). \nCVE-ID\nCVE-2013-5159\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Copying and pasting a malicious HTML snippet may lead to a\ncross-site scripting attack\nDescription: A cross-site scripting issue existed in the handling of\ncopied and pasted data in HTML documents. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c\n(xysec.com)\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\niframes. This issue was addressed through improved origin tracking. \nCVE-ID\nCVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: An information disclosure issue existed in XSSAuditor. \nThis issue was addressed through improved handling of URLs. \nCVE-ID\nCVE-2013-2848 : Egor Homakov\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Dragging or pasting a selection may lead to a cross-site\nscripting attack\nDescription: Dragging or pasting a selection from one site to\nanother may allow scripts contained in the selection to be executed\nin the context of the new site. This issue is addressed through\nadditional validation of content before a paste or a drag and drop\noperation. \nCVE-ID\nCVE-2013-5129 : Mario Heiderich\n\nWebKit\nAvailable for: iPhone 4 and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\nURLs. This issue was addressed through improved origin tracking. \nCVE-ID\nCVE-2013-5131 : Erling A Ellingsen\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"7.0\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSOe4/AAoJEPefwLHPlZEwToUP/jUGETRBdUjwN/gMmQAtl6zN\n0VUMbnsNH51Lhsr15p9EHYJUL97pajT0N1gdd8Q2l+2NHkQzQLJziXgsO6VFOX7e\nGoLNvlbyfoE0Ac9dSm9w7yi2lVf8bjGZKmEH0DAXzZD5s0ThiqPZCjTo8rCODMH2\nTyQgkYtcXtrAHYaFe0dceWe3Q0ORu24cuFg0xeqX+7QvzK9mSeJWiN8OtimMzDni\n5Dvgn7emHiuI6f3huQ25bEXK4gjN+CGwXg2RhQ7fwm9IeBdLnH1qKrFrrMHIhbrK\nibvud5jLS0ltUH+XnfBkoCkBntOO11vYllti8oIGCgaa5NkVkEOKbHy9uh6riGHT\nKXYU/LfM8tt8Ax6iknn4mYC2QYbv7OIyzSfu/scWbeawsJb4OMx71oJrROTArgQG\nQthFQvFk7NSe5kQlNz+xQHI5LP/ZSHTKdwT69zPIzjWQBOdcZ+4GQvmMsbKIeZeY\nI2oIull2C7XYav8B0o+l4WlyEewNCOHQ8znapZnjCRKT/FF/ueG/WO0J4SEWUbQz\nKf24sZtFtm51QekPS3vc1XHacqJLELD8ugtgYC3hh9vUqkLV3UxpLKvI8uoOPUDt\nSCV3qSpaxgBQtJWUZPq0MWVTDJKzX4MEB8e1p4jZAggEzfx9AdT0s7XyGm9H/UsR\nGowSVGG+cJtvrngVhy3E\n=dNVy\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-0879"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "BID",
"id": "59326"
},
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "PACKETSTORM",
"id": "121925"
},
{
"db": "PACKETSTORM",
"id": "123382"
},
{
"db": "PACKETSTORM",
"id": "121672"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-0879",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "54886",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98681940",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU91792294",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92876220",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459",
"trust": 0.7
},
{
"db": "BID",
"id": "59326",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "121925",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-60881",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123382",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121672",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123307",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123339",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "BID",
"id": "59326"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "PACKETSTORM",
"id": "121925"
},
{
"db": "PACKETSTORM",
"id": "123382"
},
{
"db": "PACKETSTORM",
"id": "121672"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"id": "VAR-201302-0278",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-60881"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:59:19.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2013-05-16-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html"
},
{
"title": "APPLE-SA-2013-09-18-2",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
},
{
"title": "APPLE-SA-2013-06-04-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"title": "HT5766",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5766"
},
{
"title": "HT5785",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5785"
},
{
"title": "HT5934",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5934"
},
{
"title": "HT5935",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5935"
},
{
"title": "HT5934",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5934?viewlocale=ja_JP"
},
{
"title": "HT5935",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5935?viewlocale=ja_JP"
},
{
"title": "HT5785",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5785?viewlocale=ja_JP"
},
{
"title": "HT5766",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5766?viewlocale=ja_JP"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
},
{
"title": "Stable Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_21.html"
},
{
"title": "openSUSE-SU-2013:0454",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"title": "Google Chrome25.0.1364.97",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=45333"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00006.html"
},
{
"trust": 2.0,
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"trust": 2.0,
"url": "http://support.apple.com/kb/ht5785"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2013/jun/msg00001.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht5934"
},
{
"trust": 1.7,
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16505"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/54886"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0879"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu92876220/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu91792294/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu98681940/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0879"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0997"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0996"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0879"
},
{
"trust": 0.4,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0995"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0992"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0993"
},
{
"trust": 0.4,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.4,
"url": "http://gpgtools.org"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0991"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0994"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0998"
},
{
"trust": 0.3,
"url": "http://www.google.com/chrome"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5935"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1000"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1001"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1003"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1005"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1002"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1004"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0999"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1007"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1006"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1010"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0926"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1008"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0841"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5134"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2391"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2807"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2825"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2871"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2870"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1012"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1011"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1009"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1023"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5133"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0894"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2905"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0879"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2857"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5126"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5128"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0906"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2870"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201309-16.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5146"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2856"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0895"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0899"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0904"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2874"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5116"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0830"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0880"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0905"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2900"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2877"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0828"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2847"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0918"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0902"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2863"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0900"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5126"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5133"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0911"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0925"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0921"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0897"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0920"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0908"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5120"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0889"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5144"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5146"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5136"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5127"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5145"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2882"
},
{
"trust": 0.1,
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2880"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2859"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5125"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5144"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2879"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0919"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5118"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2867"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5119"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5122"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5124"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2902"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5122"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0892"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5120"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5121"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2846"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5128"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5132"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2903"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5124"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5143"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5123"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0884"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0885"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2861"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0883"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0890"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5116"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0893"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2884"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5145"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0922"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2871"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5118"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2901"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0924"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0912"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0909"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2904"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5132"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5119"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5148"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0898"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2858"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2886"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0891"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0903"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2845"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2881"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0907"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0926"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2875"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5123"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5141"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0912"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0954"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0948"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0952"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2857"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0953"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5112"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0957"
},
{
"trust": 0.1,
"url": "https://www.traud.de"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "BID",
"id": "59326"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "PACKETSTORM",
"id": "121925"
},
{
"db": "PACKETSTORM",
"id": "123382"
},
{
"db": "PACKETSTORM",
"id": "121672"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-60881"
},
{
"db": "BID",
"id": "59326"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"db": "PACKETSTORM",
"id": "121925"
},
{
"db": "PACKETSTORM",
"id": "123382"
},
{
"db": "PACKETSTORM",
"id": "121672"
},
{
"db": "PACKETSTORM",
"id": "123307"
},
{
"db": "PACKETSTORM",
"id": "123339"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-23T00:00:00",
"db": "VULHUB",
"id": "VHN-60881"
},
{
"date": "2013-02-21T00:00:00",
"db": "BID",
"id": "59326"
},
{
"date": "2013-02-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"date": "2013-06-06T14:44:44",
"db": "PACKETSTORM",
"id": "121925"
},
{
"date": "2013-09-24T22:44:00",
"db": "PACKETSTORM",
"id": "123382"
},
{
"date": "2013-05-17T13:33:33",
"db": "PACKETSTORM",
"id": "121672"
},
{
"date": "2013-09-19T01:58:16",
"db": "PACKETSTORM",
"id": "123307"
},
{
"date": "2013-09-20T20:54:13",
"db": "PACKETSTORM",
"id": "123339"
},
{
"date": "2013-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"date": "2013-02-23T21:55:00.967000",
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-60881"
},
{
"date": "2015-03-19T08:09:00",
"db": "BID",
"id": "59326"
},
{
"date": "2013-10-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001644"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-459"
},
{
"date": "2024-11-21T01:48:22.637000",
"db": "NVD",
"id": "CVE-2013-0879"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome Service disruption in ( Memory corruption ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001644"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-459"
}
],
"trust": 0.6
}
}
ghsa-858h-4xmr-292q
Vulnerability from github
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
{
"affected": [],
"aliases": [
"CVE-2013-0879"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-02-23T21:55:00Z",
"severity": "HIGH"
},
"details": "Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.",
"id": "GHSA-858h-4xmr-292q",
"modified": "2022-05-17T00:56:52Z",
"published": "2022-05-17T00:56:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0879"
},
{
"type": "WEB",
"url": "https://code.google.com/p/chromium/issues/detail?id=172243"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16505"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/54886"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5785"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT5934"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.