CVE-2013-6645

Published: Jan 16, 2014Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element.

Affected (6)

Products: Google: Chrome · Opensuse: Opensuse · Debian: Debian Linux

1 product

1 product

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Google Chrome	Before 32.0.1700.76

Running on/with	Platform Versions
Microsoft Windows	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Google Chrome	Before 32.0.1700.77

Running on/with	Platform Versions
Apple Mac Os X	All versions
Linux Linux Kernel	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 12.3
Opensuse Opensuse	Version 13.1

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Debian Debian Linux	Version 8.0

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (12)

http://code.google.com/p/chromium/issues/detail?id=320183

Source: cve@mitre.org

Issue TrackingMailing ListVendor Advisory

http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html

Source: cve@mitre.org

Release NotesVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html

Source: cve@mitre.org

Broken LinkMailing ListThird Party Advisory

http://www.debian.org/security/2014/dsa-2862

Source: cve@mitre.org

Third Party Advisory

https://code.google.com/p/chromium/issues/detail?id=318791

Source: cve@mitre.org

ExploitMailing ListVendor Advisory

https://src.chromium.org/viewvc/chrome?revision=235302&view=revision

Source: cve@mitre.org

PatchVendor Advisory

http://code.google.com/p/chromium/issues/detail?id=320183

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingMailing ListVendor Advisory

http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkMailing ListThird Party Advisory

http://www.debian.org/security/2014/dsa-2862

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://code.google.com/p/chromium/issues/detail?id=318791

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListVendor Advisory

https://src.chromium.org/viewvc/chrome?revision=235302&view=revision

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.