CVE-2013-2853

{"id": "CVE-2013-2853", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-07-10T10:55:01.783", "references": [{"url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=44b400c80726ee5d205a27730a0c846be656a071", "source": "chrome-cve-admin@google.com"}, {"url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=f4f9f4948de5a59462e13ad712d7d9117238aeea", "source": "chrome-cve-admin@google.com"}, {"url": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.debian.org/security/2013/dsa-2724", "source": "chrome-cve-admin@google.com"}, {"url": "https://code.google.com/p/chromium/issues/detail?id=244260", "source": "chrome-cve-admin@google.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17033", "source": "chrome-cve-admin@google.com"}, {"url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=44b400c80726ee5d205a27730a0c846be656a071", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=f4f9f4948de5a59462e13ad712d7d9117238aeea", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2013/dsa-2724", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://code.google.com/p/chromium/issues/detail?id=244260", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17033", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \\r\\n\\r\\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation."}, {"lang": "es", "value": "La implementaci\u00f3n HTTPS en Google Chrome anterior a 28.0.1500.71 no verifica que las cabeceras finalicen con \\r\\n\\r\\n (retorno de carro, nueva l\u00ednea, retorno de carro, nueva l\u00ednea), lo que permite a atacantes man-in-the-middle, provocar un impacto no especificado a trav\u00e9s de vectores que provocan un truncado de cabecera."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2308189-A2A4-4BF4-9814-8635F24ABBC2", "versionEndIncluding": "28.0.1500.70"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2102F988-D7FE-4C6B-B071-FAB66D89CB0D"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A52A00D-37EB-4E71-A3D5-1A46F1868A41"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "552543B1-4690-4175-A17D-54D7CA08BF2E"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C4EDFF6-400C-45FD-A104-5F4279DAD71B"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EB3D069-0A5A-4D70-B04A-837B5C1B3AD9"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "512D0FC8-F545-4469-90F8-A080AEAB13A6"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79994932-02C8-46D8-8409-C687F7327A4A"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EA6DE3E-E346-41EE-A9AA-D1EE21EF367E"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9C28433-3BB5-45E9-B141-822CEDB91578"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5089A0F8-8304-4103-A52F-0AD4D12AB377"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7907622E-FE9D-458A-B41D-BBDEDDE70B87"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7105D8C1-BE13-4A9C-A1E5-A153C51435BB"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "288DC523-66DD-404E-9C35-19BB8C81AA8C"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC2E33D-BB49-4973-8D3F-B4067EBBDE10"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46C95C7A-BAC1-49D5-AD31-B379F05B5628"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B037988-A751-4558-8BF0-554A811007A0"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE39F0F7-9B61-4680-AD52-52524E20F110"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DF1CC06-48DA-4384-AFC6-7A1119093459"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6B20E39-F264-41C4-8B18-086E615A77C6"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C057174C-3F75-4407-B9F6-4F1E9D8842FE"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4745501F-8661-4641-8072-E0581BFC41C2"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BAA9F3-4A9F-4F2D-BE7C-9D8625690215"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30C28BC-E337-4C6E-9F7D-681039AA541B"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40113089-6D02-4B42-8FB2-B93AE6A0D4CB"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "953AE711-6295-41BC-9B7C-485728946A11"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4A82B23-6C3D-4AAA-B52D-B6B15E226E54"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F01C37C8-ABF7-4CDC-A718-633E5E103681"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5DEB512-E8ED-4F5F-8031-4AED42B72B27"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CAC9DDD-26D1-4A15-B36C-AE13079F6034"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6F9522B-CF2F-40A8-BA0E-B338A9E871A9"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "179DBEF9-FD04-4C44-A419-E8537A65D340"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B340E512-1D43-4DA2-B3A4-D33A0FB81375"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5263FDC2-B2A7-4AFB-B99D-C1F567A3B4AB"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A61378D0-E81E-4C71-8D87-178DDDFA4867"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8502E889-80C6-4E68-94B3-021EDD41FB2F"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E4E8F52-CFC2-4531-BD67-66978E843DB7"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9082AAC1-9210-4759-9A6A-D25331936054"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D794F153-0D70-44BB-BF56-15F2B3B3DF95"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AF97A34-B96D-4752-8004-EF2580BD3B0B"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CF3D341-45E3-4741-A5FF-1CA1D1C84105"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49C331DD-69C4-43E1-A470-ED0CB560D331"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF1AAE18-3565-463C-ABEA-51E6CBE08F7A"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8B8408F-14F3-481D-AD1F-5AE2B11FD4DC"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7804BC53-2543-43B6-AB92-929EEB75704C"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "577FA02C-A930-43A5-B48F-0236DF20A007"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BE2CE01-CEC2-4F54-A967-4E86E2014024"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71371339-DD76-41F1-8C1A-59CA3AD04707"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C0FECB8-6EEF-4DF7-BD07-ECA8542FFA06"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7037832-5B9F-4B8F-BFC0-51B660E14215"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B0E12DD-4FDD-46BC-B85F-5A828CF8041E"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "761583AE-9299-4CCD-AAE6-AB031EBF8447"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "592CE453-782B-4CE5-9396-C9FD9B7EEF88"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1BB39B0-97DE-47B5-9E86-2B52873687AC"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "798CA97C-2E50-495E-B57A-4940568F935D"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30C8219F-FEC8-4318-A94C-251F81BDBD9A"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E323736A-B834-4342-85FB-8FA970C76D88"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F876E661-9999-4566-88FA-D180DFF2A8C8"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72233F37-A5DC-4225-81DF-3FE80D3ABB48"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5064E54C-6B5E-4A23-A970-7AC2CD26401C"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7DF79D2-2CFA-4247-A92A-A998CB234E3F"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4904FA7-84DD-4433-9FEE-B93D76AEC1F5"}, {"criteria": "cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85DE6B5E-83AD-469D-A497-05B1715C895C"}], "operator": "OR"}]}], "sourceIdentifier": "chrome-cve-admin@google.com"}