Vulnerability-Lookup

CVE-2013-2850 (GCVE-0-2013-2850)

Vulnerability from cvelistv5 – Published: 2013-06-07 10:00 – Updated: 2024-08-06 15:52

Summary

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

Severity ?

No CVSS data available.

CWE

Assigner

Chrome

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2013/06/01/2	mailing-listx_refsource_MLIST
	http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.ubuntu.com/usn/USN-1844-1	vendor-advisoryx_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-1846-1	vendor-advisoryx_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/cea4dcfd…	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=968036	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1845-1	vendor-advisoryx_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-1847-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:52:20.080Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2013:1043",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2013:1005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
          },
          {
            "name": "[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456"
          },
          {
            "name": "SUSE-SU-2013:0845",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
          },
          {
            "name": "USN-1844-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1844-1"
          },
          {
            "name": "USN-1846-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1846-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
          },
          {
            "name": "USN-1845-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1845-1"
          },
          {
            "name": "USN-1847-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1847-1"
          },
          {
            "name": "openSUSE-SU-2013:1042",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-01T18:08:03.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "openSUSE-SU-2013:1043",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2013:1005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
        },
        {
          "name": "[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456"
        },
        {
          "name": "SUSE-SU-2013:0845",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
        },
        {
          "name": "USN-1844-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1844-1"
        },
        {
          "name": "USN-1846-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1846-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
        },
        {
          "name": "USN-1845-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1845-1"
        },
        {
          "name": "USN-1847-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1847-1"
        },
        {
          "name": "openSUSE-SU-2013:1042",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-2850",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2013:1043",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2013:1005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
            },
            {
              "name": "[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456"
            },
            {
              "name": "SUSE-SU-2013:0845",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
            },
            {
              "name": "USN-1844-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1844-1"
            },
            {
              "name": "USN-1846-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1846-1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=968036",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
            },
            {
              "name": "USN-1845-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1845-1"
            },
            {
              "name": "USN-1847-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1847-1"
            },
            {
              "name": "openSUSE-SU-2013:1042",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-2850",
    "datePublished": "2013-06-07T10:00:00.000Z",
    "dateReserved": "2013-04-11T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:52:20.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2013-AVI-412

Vulnerability from certfr_avis - Published: 2013-07-15 - Updated: 2013-07-15

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Mandriva. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mandriva version Business Server 1 pour x86_64

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mandriva MDVSA-2013:194 du 11 juillet 2013	None	vendor-advisory
Bulletin de sécurité Mandriva MDVSA-2013:194 du 11 juillet 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMandriva version Business Server 1 pour x86_64\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2851"
    },
    {
      "name": "CVE-2013-2232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2232"
    },
    {
      "name": "CVE-2013-0231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0231"
    },
    {
      "name": "CVE-2013-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2164"
    },
    {
      "name": "CVE-2013-2850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2850"
    },
    {
      "name": "CVE-2013-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1774"
    },
    {
      "name": "CVE-2013-3301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3301"
    },
    {
      "name": "CVE-2013-2148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2148"
    },
    {
      "name": "CVE-2013-2234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2234"
    },
    {
      "name": "CVE-2013-2852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2852"
    },
    {
      "name": "CVE-2012-5517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5517"
    },
    {
      "name": "CVE-2013-1059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1059"
    },
    {
      "name": "CVE-2013-2147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2147"
    },
    {
      "name": "CVE-2013-2237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2237"
    }
  ],
  "initial_release_date": "2013-07-15T00:00:00",
  "last_revision_date": "2013-07-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:194 du 11 juillet    2013",
      "url": "http://www.mandriva.com/fr/support/security/advisories/mbs1/MDVSA-2013:194/"
    }
  ],
  "reference": "CERTA-2013-AVI-412",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eMandriva\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Mandriva",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:194 du 11 juillet 2013",
      "url": null
    }
  ]
}

CERTA-2013-AVI-336

Vulnerability from certfr_avis - Published: 2013-05-31 - Updated: 2013-05-31

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ubuntu version 12.04 LTS

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-1844-1 du 30 mai 2013	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-1849-1 du 30 mai 2013	None	vendor-advisory
Bulletin de sécurité ubuntu USN-1849-1 du 30 mai 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eUbuntu version 12.04 LTS\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3228"
    },
    {
      "name": "CVE-2013-3076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3076"
    },
    {
      "name": "CVE-2013-3230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3230"
    },
    {
      "name": "CVE-2013-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3225"
    },
    {
      "name": "CVE-2013-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3235"
    },
    {
      "name": "CVE-2013-3233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3233"
    },
    {
      "name": "CVE-2013-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3223"
    },
    {
      "name": "CVE-2013-2850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2850"
    },
    {
      "name": "CVE-2013-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3234"
    },
    {
      "name": "CVE-2013-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3222"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2013-3231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3231"
    },
    {
      "name": "CVE-2013-3229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3229"
    },
    {
      "name": "CVE-2013-3226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3226"
    },
    {
      "name": "CVE-2013-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3227"
    },
    {
      "name": "CVE-2013-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3224"
    }
  ],
  "initial_release_date": "2013-05-31T00:00:00",
  "last_revision_date": "2013-05-31T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 ubuntu USN-1849-1 du 30 mai 2013",
      "url": "http://www.ubuntu.com/usn/usn-1849-1/"
    }
  ],
  "reference": "CERTA-2013-AVI-336",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-05-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1844-1 du 30 mai 2013",
      "url": "http://www.ubuntu.com/usn/usn-1844-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1849-1 du 30 mai 2013",
      "url": null
    }
  ]
}

GHSA-88VM-8XXR-9JWQ

Vulnerability from github – Published: 2022-05-17 04:56 – Updated: 2025-04-11 04:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-2850"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-06-07T14:03:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.",
  "id": "GHSA-88vm-8xxr-9jwq",
  "modified": "2025-04-11T04:10:53Z",
  "published": "2022-05-17T04:56:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2850"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1844-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1845-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1846-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1847-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-2850

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-2850

Aliases

CVE-2013-2850

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-2850",
    "description": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.",
    "id": "GSD-2013-2850",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-2850.html",
      "https://access.redhat.com/errata/RHSA-2013:1264",
      "https://advisories.mageia.org/CVE-2013-2850.html",
      "https://linux.oracle.com/cve/CVE-2013-2850.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-2850"
      ],
      "details": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.",
      "id": "GSD-2013-2850",
      "modified": "2023-12-13T01:22:18.288312Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@google.com",
        "ID": "CVE-2013-2850",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2013:1043",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2013:1005",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
          },
          {
            "name": "[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
          },
          {
            "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456"
          },
          {
            "name": "SUSE-SU-2013:0845",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
          },
          {
            "name": "USN-1844-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1844-1"
          },
          {
            "name": "USN-1846-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1846-1"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=968036",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
          },
          {
            "name": "USN-1845-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1845-1"
          },
          {
            "name": "USN-1847-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1847-1"
          },
          {
            "name": "openSUSE-SU-2013:1042",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.2.47",
                "versionStartIncluding": "3.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.4.48",
                "versionStartIncluding": "3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.9.5",
                "versionStartIncluding": "3.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-2850"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cea4dcfdad926a27a18e188720efe0f2c9403456"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=968036",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
            },
            {
              "name": "[oss-security] 20130601 CVE-2013-2850: Linux kernel iSCSI target heap overflow",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
            },
            {
              "name": "openSUSE-SU-2013:1005",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
            },
            {
              "name": "openSUSE-SU-2013:1042",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
            },
            {
              "name": "openSUSE-SU-2013:1043",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
            },
            {
              "name": "USN-1845-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1845-1"
            },
            {
              "name": "USN-1844-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1844-1"
            },
            {
              "name": "USN-1846-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1846-1"
            },
            {
              "name": "USN-1847-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1847-1"
            },
            {
              "name": "SUSE-SU-2013:0845",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 5.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-01-19T15:48Z",
      "publishedDate": "2013-06-07T14:03Z"
    }
  }
}

FKIE_CVE-2013-2850

Vulnerability from fkie_nvd - Published: 2013-06-07 14:03 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	chrome-cve-admin@google.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html
	chrome-cve-admin@google.com	http://www.openwall.com/lists/oss-security/2013/06/01/2
	chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1844-1
	chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1845-1
	chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1846-1
	chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1847-1
	chrome-cve-admin@google.com	https://bugzilla.redhat.com/show_bug.cgi?id=968036
	chrome-cve-admin@google.com	https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456
	af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/06/01/2
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1844-1
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1845-1
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1846-1
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1847-1
	af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=968036
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEE466E-A19C-43FB-8D75-B2F16C7303D9",
              "versionEndExcluding": "3.2.47",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC140BA9-045E-4FF9-B307-4A190213C746",
              "versionEndExcluding": "3.4.48",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BFF5824-218F-4974-BE73-BC9768A88FF1",
              "versionEndExcluding": "3.9.5",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la funci\u00f3n iscsi_add_notunderstood_response en drivers/target/iscsi/iscsi_target_parameters.c en el subsistema de destino iSCSI en Linux kernel hasta v3.9.4 lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y OOPS) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una clave larga que no se maneja adecuadamente durante construcci\u00f3n de un paquete de respuesta de error."
    }
  ],
  "id": "CVE-2013-2850",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-07T14:03:19.923",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-1844-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-1845-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-1846-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-1847-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/01/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1844-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1845-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1846-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1847-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=968036"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-2850 (GCVE-0-2013-2850)

CERTA-2013-AVI-412

Solution

CERTA-2013-AVI-336

Solution

GHSA-88VM-8XXR-9JWQ

GSD-2013-2850

FKIE_CVE-2013-2850

Tags

Sightings

Nomenclature