Strix
26.1K

CVE-2013-2913

UnknownEPSS 1.27%

Last modified

CVE-2013-2913 is a vulnerability of currently unknown severity. Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document.. EPSS estimates a 1.27% chance of exploitation in the next 30 days.

Description

Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document.

Metrics

EPSS Probability
1.27%

66.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
GoogleChrome<= 30.0.1599.65
GoogleChrome30.0.1599.0
GoogleChrome30.0.1599.1
GoogleChrome30.0.1599.2
GoogleChrome30.0.1599.4
GoogleChrome30.0.1599.5
GoogleChrome30.0.1599.6
GoogleChrome30.0.1599.7
GoogleChrome30.0.1599.8
GoogleChrome30.0.1599.9
GoogleChrome30.0.1599.10
GoogleChrome30.0.1599.11
GoogleChrome30.0.1599.12
GoogleChrome30.0.1599.13
GoogleChrome30.0.1599.14
GoogleChrome30.0.1599.15
GoogleChrome30.0.1599.16
GoogleChrome30.0.1599.17
GoogleChrome30.0.1599.18
GoogleChrome30.0.1599.19
GoogleChrome30.0.1599.20
GoogleChrome30.0.1599.21
GoogleChrome30.0.1599.22
GoogleChrome30.0.1599.23
GoogleChrome30.0.1599.24
GoogleChrome30.0.1599.25
GoogleChrome30.0.1599.26
GoogleChrome30.0.1599.27
GoogleChrome30.0.1599.28
GoogleChrome30.0.1599.29
GoogleChrome30.0.1599.30
GoogleChrome30.0.1599.31
GoogleChrome30.0.1599.32
GoogleChrome30.0.1599.33
GoogleChrome30.0.1599.34
GoogleChrome30.0.1599.35
GoogleChrome30.0.1599.36
GoogleChrome30.0.1599.37
GoogleChrome30.0.1599.38
GoogleChrome30.0.1599.39
GoogleChrome30.0.1599.40
GoogleChrome30.0.1599.41
GoogleChrome30.0.1599.42
GoogleChrome30.0.1599.43
GoogleChrome30.0.1599.44
GoogleChrome30.0.1599.47
GoogleChrome30.0.1599.48
GoogleChrome30.0.1599.49
GoogleChrome30.0.1599.50
GoogleChrome30.0.1599.51

Showing 50 of 59 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-2913?
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document.
How severe is CVE-2013-2913?
Severity scoring for CVE-2013-2913 is pending analysis. The EPSS model estimates a 1.27% probability of exploitation in the next 30 days.
How do I fix CVE-2013-2913?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-2913?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST