Launchpad CVE tracker

CVE 2013-6623

The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.

Related bugs and status

CVE-2013-6623 (Candidate) is related to these bugs:

Bug #1249389: linker complains of PIC instruction on object file not compiled as PIC

Summary				In	Importance	Status
	1249389	linker complains of PIC instruction on object file not compiled as PIC		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1250579: Security fixes from 31.0.1650.48

Summary				In	Importance	Status
	1250579	Security fixes from 31.0.1650.48		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1251454: chromium-browser fails to depend on a compatible version of libnss3

Summary				In	Importance	Status
	1251454	chromium-browser fails to depend on a compatible version of libnss3		chromium-browser (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-6623

References