CVE-2013-6665
Google Chrome < 33.0.1750.146 - Heap-Based Buffer Overflow in ResourceProvider
Title source: llmDescription
Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resource_provider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper memory allocation in the software renderer.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/65930
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=337882
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-2883
Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html
Patch x_refsource_confirm
https://src.chromium.org/viewvc/chrome?revision=250870&view=revision
Scores
EPSS
0.0137
EPSS Percentile
68.6%
Details
CWE
CWE-119
Status
published
Products (50)
google/chrome
33.0.1750.0
google/chrome
33.0.1750.1
google/chrome
33.0.1750.2
google/chrome
33.0.1750.3
google/chrome
33.0.1750.4
google/chrome
33.0.1750.5
google/chrome
33.0.1750.6
google/chrome
33.0.1750.7
google/chrome
33.0.1750.8
google/chrome
33.0.1750.9
... and 40 more
Published
Mar 05, 2014
Tracked Since
Feb 18, 2026