CVE-2013-2853

Published Jul 10, 2013
Last updated a year ago
Overview

Description: The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.
Source: chrome-cve-admin@google.com
NVD status: Modified
Hype score: Not currently trending
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2308189-A2A4-4BF4-9814-8635F24ABBC2",
            "versionEndIncluding": "28.0.1500.70"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2102F988-D7FE-4C6B-B071-FAB66D89CB0D"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A52A00D-37EB-4E71-A3D5-1A46F1868A41"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "552543B1-4690-4175-A17D-54D7CA08BF2E"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C4EDFF6-400C-45FD-A104-5F4279DAD71B"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EB3D069-0A5A-4D70-B04A-837B5C1B3AD9"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "512D0FC8-F545-4469-90F8-A080AEAB13A6"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79994932-02C8-46D8-8409-C687F7327A4A"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EA6DE3E-E346-41EE-A9AA-D1EE21EF367E"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9C28433-3BB5-45E9-B141-822CEDB91578"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5089A0F8-8304-4103-A52F-0AD4D12AB377"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7907622E-FE9D-458A-B41D-BBDEDDE70B87"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7105D8C1-BE13-4A9C-A1E5-A153C51435BB"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "288DC523-66DD-404E-9C35-19BB8C81AA8C"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FC2E33D-BB49-4973-8D3F-B4067EBBDE10"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46C95C7A-BAC1-49D5-AD31-B379F05B5628"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B037988-A751-4558-8BF0-554A811007A0"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE39F0F7-9B61-4680-AD52-52524E20F110"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DF1CC06-48DA-4384-AFC6-7A1119093459"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6B20E39-F264-41C4-8B18-086E615A77C6"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C057174C-3F75-4407-B9F6-4F1E9D8842FE"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4745501F-8661-4641-8072-E0581BFC41C2"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3BAA9F3-4A9F-4F2D-BE7C-9D8625690215"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E30C28BC-E337-4C6E-9F7D-681039AA541B"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40113089-6D02-4B42-8FB2-B93AE6A0D4CB"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "953AE711-6295-41BC-9B7C-485728946A11"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4A82B23-6C3D-4AAA-B52D-B6B15E226E54"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F01C37C8-ABF7-4CDC-A718-633E5E103681"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5DEB512-E8ED-4F5F-8031-4AED42B72B27"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CAC9DDD-26D1-4A15-B36C-AE13079F6034"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6F9522B-CF2F-40A8-BA0E-B338A9E871A9"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "179DBEF9-FD04-4C44-A419-E8537A65D340"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B340E512-1D43-4DA2-B3A4-D33A0FB81375"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5263FDC2-B2A7-4AFB-B99D-C1F567A3B4AB"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61378D0-E81E-4C71-8D87-178DDDFA4867"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8502E889-80C6-4E68-94B3-021EDD41FB2F"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E4E8F52-CFC2-4531-BD67-66978E843DB7"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9082AAC1-9210-4759-9A6A-D25331936054"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D794F153-0D70-44BB-BF56-15F2B3B3DF95"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AF97A34-B96D-4752-8004-EF2580BD3B0B"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CF3D341-45E3-4741-A5FF-1CA1D1C84105"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49C331DD-69C4-43E1-A470-ED0CB560D331"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF1AAE18-3565-463C-ABEA-51E6CBE08F7A"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8B8408F-14F3-481D-AD1F-5AE2B11FD4DC"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7804BC53-2543-43B6-AB92-929EEB75704C"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "577FA02C-A930-43A5-B48F-0236DF20A007"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BE2CE01-CEC2-4F54-A967-4E86E2014024"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71371339-DD76-41F1-8C1A-59CA3AD04707"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C0FECB8-6EEF-4DF7-BD07-ECA8542FFA06"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7037832-5B9F-4B8F-BFC0-51B660E14215"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B0E12DD-4FDD-46BC-B85F-5A828CF8041E"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "761583AE-9299-4CCD-AAE6-AB031EBF8447"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "592CE453-782B-4CE5-9396-C9FD9B7EEF88"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1BB39B0-97DE-47B5-9E86-2B52873687AC"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "798CA97C-2E50-495E-B57A-4940568F935D"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30C8219F-FEC8-4318-A94C-251F81BDBD9A"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E323736A-B834-4342-85FB-8FA970C76D88"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F876E661-9999-4566-88FA-D180DFF2A8C8"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72233F37-A5DC-4225-81DF-3FE80D3ABB48"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5064E54C-6B5E-4A23-A970-7AC2CD26401C"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7DF79D2-2CFA-4247-A92A-A998CB234E3F"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4904FA7-84DD-4433-9FEE-B93D76AEC1F5"
          },
          {
            "criteria": "cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85DE6B5E-83AD-469D-A497-05B1715C895C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References
