Vulnerability Description
Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 28.0.1500.70 | |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html
- https://code.google.com/p/chromium/issues/detail?id=237611
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html
- https://code.google.com/p/chromium/issues/detail?id=237611
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2013-2874?
CVE-2013-2874 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL ...
How severe is CVE-2013-2874?
CVE-2013-2874 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2874?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Microsoft Windows.