FKIE_CVE-2013-6659
Vulnerability from fkie_nvd - Published: 2014-02-24 04:48 - Updated: 2025-04-11 00:51
Severity ?
Summary
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| chrome | 33.0.1750.0 | ||
| chrome | 33.0.1750.1 | ||
| chrome | 33.0.1750.2 | ||
| chrome | 33.0.1750.3 | ||
| chrome | 33.0.1750.4 | ||
| chrome | 33.0.1750.5 | ||
| chrome | 33.0.1750.6 | ||
| chrome | 33.0.1750.7 | ||
| chrome | 33.0.1750.8 | ||
| chrome | 33.0.1750.9 | ||
| chrome | 33.0.1750.10 | ||
| chrome | 33.0.1750.11 | ||
| chrome | 33.0.1750.12 | ||
| chrome | 33.0.1750.13 | ||
| chrome | 33.0.1750.14 | ||
| chrome | 33.0.1750.15 | ||
| chrome | 33.0.1750.16 | ||
| chrome | 33.0.1750.18 | ||
| chrome | 33.0.1750.19 | ||
| chrome | 33.0.1750.20 | ||
| chrome | 33.0.1750.21 | ||
| chrome | 33.0.1750.22 | ||
| chrome | 33.0.1750.23 | ||
| chrome | 33.0.1750.24 | ||
| chrome | 33.0.1750.25 | ||
| chrome | 33.0.1750.26 | ||
| chrome | 33.0.1750.27 | ||
| chrome | 33.0.1750.28 | ||
| chrome | 33.0.1750.29 | ||
| chrome | 33.0.1750.30 | ||
| chrome | 33.0.1750.31 | ||
| chrome | 33.0.1750.34 | ||
| chrome | 33.0.1750.35 | ||
| chrome | 33.0.1750.36 | ||
| chrome | 33.0.1750.37 | ||
| chrome | 33.0.1750.38 | ||
| chrome | 33.0.1750.39 | ||
| chrome | 33.0.1750.40 | ||
| chrome | 33.0.1750.41 | ||
| chrome | 33.0.1750.42 | ||
| chrome | 33.0.1750.43 | ||
| chrome | 33.0.1750.44 | ||
| chrome | 33.0.1750.45 | ||
| chrome | 33.0.1750.46 | ||
| chrome | 33.0.1750.47 | ||
| chrome | 33.0.1750.48 | ||
| chrome | 33.0.1750.49 | ||
| chrome | 33.0.1750.50 | ||
| chrome | 33.0.1750.51 | ||
| chrome | 33.0.1750.52 | ||
| chrome | 33.0.1750.53 | ||
| chrome | 33.0.1750.54 | ||
| chrome | 33.0.1750.55 | ||
| chrome | 33.0.1750.56 | ||
| chrome | 33.0.1750.57 | ||
| chrome | 33.0.1750.58 | ||
| chrome | 33.0.1750.59 | ||
| chrome | 33.0.1750.60 | ||
| chrome | 33.0.1750.61 | ||
| chrome | 33.0.1750.62 | ||
| chrome | 33.0.1750.63 | ||
| chrome | 33.0.1750.64 | ||
| chrome | 33.0.1750.65 | ||
| chrome | 33.0.1750.66 | ||
| chrome | 33.0.1750.67 | ||
| chrome | 33.0.1750.68 | ||
| chrome | 33.0.1750.69 | ||
| chrome | 33.0.1750.70 | ||
| chrome | 33.0.1750.71 | ||
| chrome | 33.0.1750.73 | ||
| chrome | 33.0.1750.74 | ||
| chrome | 33.0.1750.75 | ||
| chrome | 33.0.1750.76 | ||
| chrome | 33.0.1750.77 | ||
| chrome | 33.0.1750.79 | ||
| chrome | 33.0.1750.80 | ||
| chrome | 33.0.1750.81 | ||
| chrome | 33.0.1750.82 | ||
| chrome | 33.0.1750.83 | ||
| chrome | 33.0.1750.85 | ||
| chrome | 33.0.1750.88 | ||
| chrome | 33.0.1750.89 | ||
| chrome | 33.0.1750.90 | ||
| chrome | 33.0.1750.91 | ||
| chrome | 33.0.1750.92 | ||
| chrome | 33.0.1750.93 | ||
| chrome | 33.0.1750.104 | ||
| chrome | 33.0.1750.106 | ||
| chrome | 33.0.1750.107 | ||
| chrome | 33.0.1750.108 | ||
| chrome | 33.0.1750.109 | ||
| chrome | 33.0.1750.110 | ||
| chrome | 33.0.1750.111 | ||
| chrome | 33.0.1750.112 | ||
| chrome | 33.0.1750.113 | ||
| chrome | 33.0.1750.115 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3666F6-4954-4A0B-ADC3-C9B9285D5BAA",
"versionEndIncluding": "33.0.1750.116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B702C2-083D-46B9-9B31-1D974FBE4190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D4C6EAD-1414-4E1A-8535-31D7DE1B1A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16C5F36A-63B5-4DCB-93FC-BEFB31E12689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F425088C-CC28-41AC-9F14-4A4F6E63B865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF9A555-391F-4F39-A9B2-5C864015256B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA76734E-6604-4CDD-9141-BF0BBE05F736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A513C8B2-4026-40BF-8770-6AB4550C2352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:*",
"matchCriteriaId": "152F7E36-2716-43F4-B251-7195A3206952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:*",
"matchCriteriaId": "157463C3-CB07-41BA-8527-C047E88013A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B5240466-55A1-4767-9BD1-122411EF8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2E4B17-5832-4B49-9CA8-3F92B7AFAE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.11:*:*:*:*:*:*:*",
"matchCriteriaId": "01488955-E181-448B-BD5A-946A66D5493E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCBFC3C-63F7-4B9B-8D94-7334FB7F0EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C77B47-BD9F-40A9-8482-AA20CA0FA823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD2BF1C-CFF1-4310-B0B4-A26BFA68868A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0F327FEE-5500-4AA3-BEC6-0F625305F2FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8CE5AB-7722-4C50-AC11-948C117984C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.18:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1248F8-FF76-4186-89F3-CBE5696E5347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EEE80E-73EB-4C22-AE9E-045664FBBE22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CA2D67-43C1-4438-9C12-452DCC090A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.21:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAA310F-8E93-4FC2-8B79-C09F18B25BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96FAA317-56CC-42A1-9102-E2BEA4421D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.23:*:*:*:*:*:*:*",
"matchCriteriaId": "30AC9E40-5362-4A3A-8EC3-5D99A24FAD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.24:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C25460-6472-4DE3-BD7A-E47AC0ECB56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.25:*:*:*:*:*:*:*",
"matchCriteriaId": "95E2C59C-7399-4347-BC5D-3345A2940E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.26:*:*:*:*:*:*:*",
"matchCriteriaId": "9C933326-6E6D-4DE6-9F95-42403901FF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.27:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6C47B0-BDAC-4C53-B1A7-E580CE7B8F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0D60B297-F755-4FFD-B7C3-E01A164DC0C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.29:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A8E793-A73E-4255-99E9-4D0BC6E4C0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.30:*:*:*:*:*:*:*",
"matchCriteriaId": "2B20DC1B-B8DD-4B52-BA2E-89BC5E993C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.31:*:*:*:*:*:*:*",
"matchCriteriaId": "618FD568-E766-4A36-84B3-D07E92B69ACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.34:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2AF349-B386-4DA3-8FFB-5ABC92D13FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A0825DC0-2D08-4552-AA24-D823694DCEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.36:*:*:*:*:*:*:*",
"matchCriteriaId": "9086DA40-25B8-409C-8DC5-C501E8F79F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.37:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBD8A08-F330-42C9-9F48-03D1AFD7A10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.38:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1117D4-35D8-498C-A2FB-CF28E3CDB3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.39:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF13799-F69A-4354-BC3D-737A5F36E3F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.40:*:*:*:*:*:*:*",
"matchCriteriaId": "79D398C2-9EED-480C-B32B-705755CEB59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.41:*:*:*:*:*:*:*",
"matchCriteriaId": "62405FD2-8482-438B-9C4A-7CDAD2574E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.42:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD718C6-4FEA-487F-9E8C-4AB3A1838302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6445AD42-E14C-4E85-9A42-FD29F5BC30AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.44:*:*:*:*:*:*:*",
"matchCriteriaId": "9E12FC87-01D1-464D-A311-CC4BB07712F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.45:*:*:*:*:*:*:*",
"matchCriteriaId": "C4146B78-C168-4567-B6F8-926B337FBF25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.46:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA4EF23-D134-41F1-9649-4D41CB61E5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.47:*:*:*:*:*:*:*",
"matchCriteriaId": "A37F46D1-AFBD-4C99-8754-9A7425AD930B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.48:*:*:*:*:*:*:*",
"matchCriteriaId": "48F5D234-E5A0-4597-8DE1-9444E654B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.49:*:*:*:*:*:*:*",
"matchCriteriaId": "400E408D-80C3-4F5F-90A1-D021737CC56A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.50:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9E3A9F-21D3-425B-8579-00760123F3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.51:*:*:*:*:*:*:*",
"matchCriteriaId": "004F59DD-8048-43BC-8825-4D16AA3C2A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.52:*:*:*:*:*:*:*",
"matchCriteriaId": "899F83C8-9E62-4F24-B700-6E8923E3CC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.53:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB3A7F9-CB39-465F-BDE6-BDA45BFA2C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.54:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB08D2F-D16B-4EA0-8E93-B2CB029EC615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.55:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8AF8A1-D6C1-41C4-8700-0DE6AE36F580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.56:*:*:*:*:*:*:*",
"matchCriteriaId": "01417CE6-D5BD-4F21-ACD7-4E043F185CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.57:*:*:*:*:*:*:*",
"matchCriteriaId": "740E7BA5-DB23-4446-AA77-A5D89C1D0D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2FD596-144B-487A-B4D7-757B8C314250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.59:*:*:*:*:*:*:*",
"matchCriteriaId": "4E86041C-5CB9-40A8-916E-45B55A555995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.60:*:*:*:*:*:*:*",
"matchCriteriaId": "C92F9C20-B758-4B96-A828-6DE47E8A829C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.61:*:*:*:*:*:*:*",
"matchCriteriaId": "89EBAC78-C8F5-4B92-9E59-725E32A5421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.62:*:*:*:*:*:*:*",
"matchCriteriaId": "358FFC27-5E22-4CA1-82E7-9D4FA629FE88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.63:*:*:*:*:*:*:*",
"matchCriteriaId": "910E8BF3-3C9E-41E0-81D1-597FE30C7315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.64:*:*:*:*:*:*:*",
"matchCriteriaId": "D677EA9A-6660-4F50-A2B1-3E2F391920F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.65:*:*:*:*:*:*:*",
"matchCriteriaId": "38F4B138-D297-4D13-86A5-35F906447E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.66:*:*:*:*:*:*:*",
"matchCriteriaId": "1E46BE1B-F522-43F6-9333-702EFF2713D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.67:*:*:*:*:*:*:*",
"matchCriteriaId": "B8666DC3-7638-4130-9F95-4408DD5F660A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.68:*:*:*:*:*:*:*",
"matchCriteriaId": "E680816E-9641-4E14-8775-35458534E1D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.69:*:*:*:*:*:*:*",
"matchCriteriaId": "ABFA742A-50C4-46A9-AAE7-29A642F637A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.70:*:*:*:*:*:*:*",
"matchCriteriaId": "CC75D010-BC64-440E-A426-DA0117CE6407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.71:*:*:*:*:*:*:*",
"matchCriteriaId": "03784488-72E5-4E32-B507-89571DE61697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4C33E433-14E7-469D-B02F-A3D7DB8C77C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.74:*:*:*:*:*:*:*",
"matchCriteriaId": "239D5A00-B33C-4AA1-96F1-AF960928394C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.75:*:*:*:*:*:*:*",
"matchCriteriaId": "D60D8B55-EECB-48D3-BE09-B1964A0D3170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.76:*:*:*:*:*:*:*",
"matchCriteriaId": "4C75D512-48AF-4D74-8644-7EF100D96F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.77:*:*:*:*:*:*:*",
"matchCriteriaId": "66E3400D-8A75-45E9-AFDC-366AC0C86323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.79:*:*:*:*:*:*:*",
"matchCriteriaId": "BF597FC6-FF2F-44C5-9C9C-9E0C4437C66D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.80:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B32192-D874-41C8-B1B9-5C99B12D93B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.81:*:*:*:*:*:*:*",
"matchCriteriaId": "57019F85-3B0C-40C5-AEFF-ECE1FFB87DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.82:*:*:*:*:*:*:*",
"matchCriteriaId": "B83518FA-7E1C-41A1-BFB1-90CC1955339B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.83:*:*:*:*:*:*:*",
"matchCriteriaId": "342112D8-CAEF-42FF-8A1D-71391CBD7FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.85:*:*:*:*:*:*:*",
"matchCriteriaId": "8B07E8DC-420B-4A8C-B19B-135AEF38B96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.88:*:*:*:*:*:*:*",
"matchCriteriaId": "8840A482-3305-43DE-812A-72CE1124C718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.89:*:*:*:*:*:*:*",
"matchCriteriaId": "CC532185-B2B9-46C3-9626-FB8C67C8DFB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.90:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC0ED28-201A-4E21-8864-AC85F3E53F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.91:*:*:*:*:*:*:*",
"matchCriteriaId": "61260ECB-4DA8-4313-9077-6F87592EC45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.92:*:*:*:*:*:*:*",
"matchCriteriaId": "6E03ADCE-5009-4364-9308-18956EE2172F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.93:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9BB86D-B853-4FB6-8CE9-7D30E04E47C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*",
"matchCriteriaId": "E9EEF2AC-83CE-40AD-820E-CAA669A848F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.106:*:*:*:*:*:*:*",
"matchCriteriaId": "8479F4C0-1097-4BBB-855E-FBDFD3065482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.107:*:*:*:*:*:*:*",
"matchCriteriaId": "82A5CAA6-89B4-4C53-BDCC-FA0248262836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.108:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF184C5-9AA7-4C6A-B9E1-208297A21A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.109:*:*:*:*:*:*:*",
"matchCriteriaId": "E95FF3AE-1EEC-471F-8927-6C12FA766EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.110:*:*:*:*:*:*:*",
"matchCriteriaId": "5A154FBB-A21F-4496-BB35-18845095A657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.111:*:*:*:*:*:*:*",
"matchCriteriaId": "4256B074-FC64-481E-9AA6-19D0A3E469FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.112:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4CB1AD-C8D7-41EE-BC3A-E66C325F2F26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.113:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3B7E15-A59D-4C01-89EB-13F4639A4BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:33.0.1750.115:*:*:*:*:*:*:*",
"matchCriteriaId": "3A573C2D-81F8-4D2E-8605-F3727FA7C121",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user\u0027s expectations, by initiating a TLS renegotiation."
},
{
"lang": "es",
"value": "La funci\u00f3n SSLClientSocketNSS::Core::OwnAuthCertHandler en net/socket/ssl_client_socket_nss.cc en Google Chrome anterior a 33.0.1750.117 no previene debidamente los cambios en los certificados del servidor X.509 durante las renegociaciones, lo que permite a servidores remotos de SSL provocar el uso de una cadena nueva de certificaci\u00f3n, inconsistente con las expectativas del usuario, mediante la iniciaci\u00f3n de una renegociaci\u00f3n de TLS."
}
],
"id": "CVE-2013-6659",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-24T04:48:10.100",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2014/dsa-2883"
},
{
"source": "cve@mitre.org",
"url": "https://code.google.com/p/chromium/issues/detail?id=306959"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://src.chromium.org/viewvc/chrome?revision=229611\u0026view=revision"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=306959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://src.chromium.org/viewvc/chrome?revision=229611\u0026view=revision"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…