CVE-2013-6802
Published: 18 November 2013
Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(31.0.1650.63-0ubuntu0.12.04.1~20131204.1)
|
|
quantal |
Released
(31.0.1650.63-0ubuntu0.12.10.1~20131204.1)
|
|
raring |
Released
(31.0.1650.63-0ubuntu0.13.04.1~20131204.1)
|
|
saucy |
Released
(31.0.1650.63-0ubuntu0.13.10.1~20131204.1)
|
|
upstream |
Released
(31.0.1650.57)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6802
- https://code.google.com/p/chromium/issues/detail?id=319125
- https://code.google.com/p/chromium/issues/detail?id=319117
- http://www.hppwn2own.com/chrome-nexus-4-samsung-galaxy-s4-falls/
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
- http://googlechromereleases.blogspot.com/2013/11/chrome-for-android-update.html
- NVD
- Launchpad
- Debian