6.4

CVE-2013-6659

The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation.

Data is provided by the National Vulnerability Database (NVD)
GoogleChrome Version <= 33.0.1750.116
GoogleChrome Version33.0.1750.0
GoogleChrome Version33.0.1750.1
GoogleChrome Version33.0.1750.2
GoogleChrome Version33.0.1750.3
GoogleChrome Version33.0.1750.4
GoogleChrome Version33.0.1750.5
GoogleChrome Version33.0.1750.6
GoogleChrome Version33.0.1750.7
GoogleChrome Version33.0.1750.8
GoogleChrome Version33.0.1750.9
GoogleChrome Version33.0.1750.10
GoogleChrome Version33.0.1750.11
GoogleChrome Version33.0.1750.12
GoogleChrome Version33.0.1750.13
GoogleChrome Version33.0.1750.14
GoogleChrome Version33.0.1750.15
GoogleChrome Version33.0.1750.16
GoogleChrome Version33.0.1750.18
GoogleChrome Version33.0.1750.19
GoogleChrome Version33.0.1750.20
GoogleChrome Version33.0.1750.21
GoogleChrome Version33.0.1750.22
GoogleChrome Version33.0.1750.23
GoogleChrome Version33.0.1750.24
GoogleChrome Version33.0.1750.25
GoogleChrome Version33.0.1750.26
GoogleChrome Version33.0.1750.27
GoogleChrome Version33.0.1750.28
GoogleChrome Version33.0.1750.29
GoogleChrome Version33.0.1750.30
GoogleChrome Version33.0.1750.31
GoogleChrome Version33.0.1750.34
GoogleChrome Version33.0.1750.35
GoogleChrome Version33.0.1750.36
GoogleChrome Version33.0.1750.37
GoogleChrome Version33.0.1750.38
GoogleChrome Version33.0.1750.39
GoogleChrome Version33.0.1750.40
GoogleChrome Version33.0.1750.41
GoogleChrome Version33.0.1750.42
GoogleChrome Version33.0.1750.43
GoogleChrome Version33.0.1750.44
GoogleChrome Version33.0.1750.45
GoogleChrome Version33.0.1750.46
GoogleChrome Version33.0.1750.47
GoogleChrome Version33.0.1750.48
GoogleChrome Version33.0.1750.49
GoogleChrome Version33.0.1750.50
GoogleChrome Version33.0.1750.51
GoogleChrome Version33.0.1750.52
GoogleChrome Version33.0.1750.53
GoogleChrome Version33.0.1750.54
GoogleChrome Version33.0.1750.55
GoogleChrome Version33.0.1750.56
GoogleChrome Version33.0.1750.57
GoogleChrome Version33.0.1750.58
GoogleChrome Version33.0.1750.59
GoogleChrome Version33.0.1750.60
GoogleChrome Version33.0.1750.61
GoogleChrome Version33.0.1750.62
GoogleChrome Version33.0.1750.63
GoogleChrome Version33.0.1750.64
GoogleChrome Version33.0.1750.65
GoogleChrome Version33.0.1750.66
GoogleChrome Version33.0.1750.67
GoogleChrome Version33.0.1750.68
GoogleChrome Version33.0.1750.69
GoogleChrome Version33.0.1750.70
GoogleChrome Version33.0.1750.71
GoogleChrome Version33.0.1750.73
GoogleChrome Version33.0.1750.74
GoogleChrome Version33.0.1750.75
GoogleChrome Version33.0.1750.76
GoogleChrome Version33.0.1750.77
GoogleChrome Version33.0.1750.79
GoogleChrome Version33.0.1750.80
GoogleChrome Version33.0.1750.81
GoogleChrome Version33.0.1750.82
GoogleChrome Version33.0.1750.83
GoogleChrome Version33.0.1750.85
GoogleChrome Version33.0.1750.88
GoogleChrome Version33.0.1750.89
GoogleChrome Version33.0.1750.90
GoogleChrome Version33.0.1750.91
GoogleChrome Version33.0.1750.92
GoogleChrome Version33.0.1750.93
GoogleChrome Version33.0.1750.104
GoogleChrome Version33.0.1750.106
GoogleChrome Version33.0.1750.107
GoogleChrome Version33.0.1750.108
GoogleChrome Version33.0.1750.109
GoogleChrome Version33.0.1750.110
GoogleChrome Version33.0.1750.111
GoogleChrome Version33.0.1750.112
GoogleChrome Version33.0.1750.113
GoogleChrome Version33.0.1750.115
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.1% 0.24
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N