CVE Vulnerabilities

CVE-2013-2853

Published: Jul 10, 2013 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by rnrn (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 28.0.1500.70 (including)
Chrome Google 28.0.1500.0 (including) 28.0.1500.0 (including)
Chrome Google 28.0.1500.2 (including) 28.0.1500.2 (including)
Chrome Google 28.0.1500.3 (including) 28.0.1500.3 (including)
Chrome Google 28.0.1500.4 (including) 28.0.1500.4 (including)
Chrome Google 28.0.1500.5 (including) 28.0.1500.5 (including)
Chrome Google 28.0.1500.6 (including) 28.0.1500.6 (including)
Chrome Google 28.0.1500.8 (including) 28.0.1500.8 (including)
Chrome Google 28.0.1500.9 (including) 28.0.1500.9 (including)
Chrome Google 28.0.1500.10 (including) 28.0.1500.10 (including)
Chrome Google 28.0.1500.11 (including) 28.0.1500.11 (including)
Chrome Google 28.0.1500.12 (including) 28.0.1500.12 (including)
Chrome Google 28.0.1500.13 (including) 28.0.1500.13 (including)
Chrome Google 28.0.1500.14 (including) 28.0.1500.14 (including)
Chrome Google 28.0.1500.15 (including) 28.0.1500.15 (including)
Chrome Google 28.0.1500.16 (including) 28.0.1500.16 (including)
Chrome Google 28.0.1500.17 (including) 28.0.1500.17 (including)
Chrome Google 28.0.1500.18 (including) 28.0.1500.18 (including)
Chrome Google 28.0.1500.19 (including) 28.0.1500.19 (including)
Chrome Google 28.0.1500.20 (including) 28.0.1500.20 (including)
Chrome Google 28.0.1500.21 (including) 28.0.1500.21 (including)
Chrome Google 28.0.1500.22 (including) 28.0.1500.22 (including)
Chrome Google 28.0.1500.23 (including) 28.0.1500.23 (including)
Chrome Google 28.0.1500.24 (including) 28.0.1500.24 (including)
Chrome Google 28.0.1500.25 (including) 28.0.1500.25 (including)
Chrome Google 28.0.1500.26 (including) 28.0.1500.26 (including)
Chrome Google 28.0.1500.27 (including) 28.0.1500.27 (including)
Chrome Google 28.0.1500.28 (including) 28.0.1500.28 (including)
Chrome Google 28.0.1500.29 (including) 28.0.1500.29 (including)
Chrome Google 28.0.1500.31 (including) 28.0.1500.31 (including)
Chrome Google 28.0.1500.32 (including) 28.0.1500.32 (including)
Chrome Google 28.0.1500.33 (including) 28.0.1500.33 (including)
Chrome Google 28.0.1500.34 (including) 28.0.1500.34 (including)
Chrome Google 28.0.1500.35 (including) 28.0.1500.35 (including)
Chrome Google 28.0.1500.36 (including) 28.0.1500.36 (including)
Chrome Google 28.0.1500.37 (including) 28.0.1500.37 (including)
Chrome Google 28.0.1500.38 (including) 28.0.1500.38 (including)
Chrome Google 28.0.1500.39 (including) 28.0.1500.39 (including)
Chrome Google 28.0.1500.40 (including) 28.0.1500.40 (including)
Chrome Google 28.0.1500.41 (including) 28.0.1500.41 (including)
Chrome Google 28.0.1500.42 (including) 28.0.1500.42 (including)
Chrome Google 28.0.1500.43 (including) 28.0.1500.43 (including)
Chrome Google 28.0.1500.44 (including) 28.0.1500.44 (including)
Chrome Google 28.0.1500.45 (including) 28.0.1500.45 (including)
Chrome Google 28.0.1500.46 (including) 28.0.1500.46 (including)
Chrome Google 28.0.1500.47 (including) 28.0.1500.47 (including)
Chrome Google 28.0.1500.48 (including) 28.0.1500.48 (including)
Chrome Google 28.0.1500.49 (including) 28.0.1500.49 (including)
Chrome Google 28.0.1500.50 (including) 28.0.1500.50 (including)
Chrome Google 28.0.1500.51 (including) 28.0.1500.51 (including)
Chrome Google 28.0.1500.52 (including) 28.0.1500.52 (including)
Chrome Google 28.0.1500.53 (including) 28.0.1500.53 (including)
Chrome Google 28.0.1500.54 (including) 28.0.1500.54 (including)
Chrome Google 28.0.1500.56 (including) 28.0.1500.56 (including)
Chrome Google 28.0.1500.58 (including) 28.0.1500.58 (including)
Chrome Google 28.0.1500.59 (including) 28.0.1500.59 (including)
Chrome Google 28.0.1500.60 (including) 28.0.1500.60 (including)
Chrome Google 28.0.1500.61 (including) 28.0.1500.61 (including)
Chrome Google 28.0.1500.62 (including) 28.0.1500.62 (including)
Chrome Google 28.0.1500.63 (including) 28.0.1500.63 (including)
Chrome Google 28.0.1500.64 (including) 28.0.1500.64 (including)
Chrome Google 28.0.1500.66 (including) 28.0.1500.66 (including)
Chrome Google 28.0.1500.68 (including) 28.0.1500.68 (including)
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu quantal *
Chromium-browser Ubuntu raring *
Chromium-browser Ubuntu upstream *

References