Unrated severityNVD Advisory· Published Dec 7, 2013· Updated Apr 29, 2026
CVE-2013-6640
CVE-2013-6640
Description
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index.
Affected products
83cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 57 more
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <=31.0.1650.62
- cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.49:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.51:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.54:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.55:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.57:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.58:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.60:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:31.0.1650.61:*:*:*:*:*:*:*
cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*range: <=3.22.24
- cpe:2.3:a:google:v8:3.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:v8:3.22.23:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- code.google.com/p/v8/source/detailnvdPatch
- googlechromereleases.blogspot.com/2013/12/stable-channel-update.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-12/msg00090.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-12/msg00096.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-12/msg00122.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-12/msg00124.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-01/msg00042.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-01/msg00063.htmlnvd
- secunia.com/advisories/56216nvd
- secunia.com/advisories/56217nvd
- www.debian.org/security/2013/dsa-2811nvd
- www.securitytracker.com/id/1029442nvd
- code.google.com/p/chromium/issues/detailnvd
News mentions
0No linked articles in our index yet.