VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 16, 2013· Updated Apr 29, 2026

CVE-2013-2835

CVE-2013-2835

Description

Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834.

Affected products

54
  • Google/Chrome Os54 versions
    cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*+ 53 more
    • cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*range: <=26.0.1410.56
    • cpe:2.3:o:google:chrome_os:26.0.1410.0:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.1:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.10:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.11:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.12:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.14:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.15:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.16:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.17:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.18:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.19:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.20:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.21:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.22:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.23:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.24:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.25:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.26:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.27:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.28:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.29:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.3:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.30:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.31:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.32:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.33:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.34:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.35:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.36:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.37:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.38:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.39:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.4:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.40:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.41:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.42:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.43:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.44:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.45:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.46:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.47:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.48:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.49:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.5:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.50:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.51:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.52:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.54:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.55:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.6:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.7:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.8:*:*:*:*:*:*:*
    • cpe:2.3:o:google:chrome_os:26.0.1410.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.