5.8

CVE-2013-6666

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepper_flash_renderer_host.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing (CORS) simple headers before proceeding with a PPB_Flash.Navigate operation, which might allow remote attackers to bypass intended CORS restrictions via an inappropriate header.

Data is provided by the National Vulnerability Database (NVD)
GoogleChrome Version <= 33.0.1750.144
GoogleChrome Version33.0.1750.0
GoogleChrome Version33.0.1750.1
GoogleChrome Version33.0.1750.2
GoogleChrome Version33.0.1750.3
GoogleChrome Version33.0.1750.4
GoogleChrome Version33.0.1750.5
GoogleChrome Version33.0.1750.6
GoogleChrome Version33.0.1750.7
GoogleChrome Version33.0.1750.8
GoogleChrome Version33.0.1750.9
GoogleChrome Version33.0.1750.10
GoogleChrome Version33.0.1750.11
GoogleChrome Version33.0.1750.12
GoogleChrome Version33.0.1750.13
GoogleChrome Version33.0.1750.14
GoogleChrome Version33.0.1750.15
GoogleChrome Version33.0.1750.16
GoogleChrome Version33.0.1750.18
GoogleChrome Version33.0.1750.19
GoogleChrome Version33.0.1750.20
GoogleChrome Version33.0.1750.21
GoogleChrome Version33.0.1750.22
GoogleChrome Version33.0.1750.23
GoogleChrome Version33.0.1750.24
GoogleChrome Version33.0.1750.25
GoogleChrome Version33.0.1750.26
GoogleChrome Version33.0.1750.27
GoogleChrome Version33.0.1750.28
GoogleChrome Version33.0.1750.29
GoogleChrome Version33.0.1750.30
GoogleChrome Version33.0.1750.31
GoogleChrome Version33.0.1750.34
GoogleChrome Version33.0.1750.35
GoogleChrome Version33.0.1750.36
GoogleChrome Version33.0.1750.37
GoogleChrome Version33.0.1750.38
GoogleChrome Version33.0.1750.39
GoogleChrome Version33.0.1750.40
GoogleChrome Version33.0.1750.41
GoogleChrome Version33.0.1750.42
GoogleChrome Version33.0.1750.43
GoogleChrome Version33.0.1750.44
GoogleChrome Version33.0.1750.45
GoogleChrome Version33.0.1750.46
GoogleChrome Version33.0.1750.47
GoogleChrome Version33.0.1750.48
GoogleChrome Version33.0.1750.49
GoogleChrome Version33.0.1750.50
GoogleChrome Version33.0.1750.51
GoogleChrome Version33.0.1750.52
GoogleChrome Version33.0.1750.53
GoogleChrome Version33.0.1750.54
GoogleChrome Version33.0.1750.55
GoogleChrome Version33.0.1750.56
GoogleChrome Version33.0.1750.57
GoogleChrome Version33.0.1750.58
GoogleChrome Version33.0.1750.59
GoogleChrome Version33.0.1750.60
GoogleChrome Version33.0.1750.61
GoogleChrome Version33.0.1750.62
GoogleChrome Version33.0.1750.63
GoogleChrome Version33.0.1750.64
GoogleChrome Version33.0.1750.65
GoogleChrome Version33.0.1750.66
GoogleChrome Version33.0.1750.67
GoogleChrome Version33.0.1750.68
GoogleChrome Version33.0.1750.69
GoogleChrome Version33.0.1750.70
GoogleChrome Version33.0.1750.71
GoogleChrome Version33.0.1750.73
GoogleChrome Version33.0.1750.74
GoogleChrome Version33.0.1750.75
GoogleChrome Version33.0.1750.76
GoogleChrome Version33.0.1750.77
GoogleChrome Version33.0.1750.79
GoogleChrome Version33.0.1750.80
GoogleChrome Version33.0.1750.81
GoogleChrome Version33.0.1750.82
GoogleChrome Version33.0.1750.83
GoogleChrome Version33.0.1750.85
GoogleChrome Version33.0.1750.88
GoogleChrome Version33.0.1750.89
GoogleChrome Version33.0.1750.90
GoogleChrome Version33.0.1750.91
GoogleChrome Version33.0.1750.92
GoogleChrome Version33.0.1750.93
GoogleChrome Version33.0.1750.104
GoogleChrome Version33.0.1750.106
GoogleChrome Version33.0.1750.107
GoogleChrome Version33.0.1750.108
GoogleChrome Version33.0.1750.109
GoogleChrome Version33.0.1750.110
GoogleChrome Version33.0.1750.111
GoogleChrome Version33.0.1750.112
GoogleChrome Version33.0.1750.113
GoogleChrome Version33.0.1750.115
GoogleChrome Version33.0.1750.116
GoogleChrome Version33.0.1750.117
GoogleChrome Version33.0.1750.124
GoogleChrome Version33.0.1750.125
GoogleChrome Version33.0.1750.126
GoogleChrome Version33.0.1750.132
GoogleChrome Version33.0.1750.133
GoogleChrome Version33.0.1750.135
GoogleChrome Version33.0.1750.136
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.27% 0.477
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N