CVE-2013-6627

Published: Nov 13, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/140209/Chrome-HTTP-1xx-Out-Of-Bounds-Read.html

x_refsource_MISC

https://src.chromium.org/viewvc/chrome?revision=226539&view=revision

x_refsource_CONFIRM

40944

exploit

x_refsource_EXPLOIT-DB

openSUSE-SU-2014:0065

vendor-advisory

x_refsource_SUSE

https://code.google.com/p/chromium/issues/detail?id=299892

x_refsource_CONFIRM

20161219 CVE-2013-6627: Chrome Chrome HTTP 1xx base::StringTokenizerT<...>::QuickGetNext OOBR

mailing-list

x_refsource_FULLDISC

http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html

x_refsource_CONFIRM

openSUSE-SU-2013:1776

vendor-advisory

x_refsource_SUSE

http://blog.skylined.nl/20161219001.html

x_refsource_MISC

DSA-2799

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2013:1861

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:1777

vendor-advisory

x_refsource_SUSE

oval:org.mitre.oval:def:19113

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-6627

Description

Affected Products

References