Denial of Service Vulnerability in Google V8 Used by Google Chrome
CVE-2013-6668

Currently unrated

Key Information:

Vendor: Google
Status: Chrome; V8
Vendor: CVE Published:; 5 March 2014

Badges

👾 Exploit Exists🟡 Public PoC

Summary

Multiple unspecified vulnerabilities in Google V8 prior to version 3.24.35.10, as utilized in Google Chrome versions before 33.0.1750.146, open pathways for attackers to execute denial of service attacks, potentially leading to significant disruption and diminished user experience. The vulnerabilities arise from unknown vectors that compromise the stability and performance of the affected software, necessitating timely updates and patches to mitigate such risks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CveTest
Created by sdneon

References

https://code.google.com/p/chromium/issues/detail?id=344186

x_refsource_CONFIRM

http://www.securityfocus.com/bid/65930

vdb-entryx_refsource_BID

http://www.debian.org/security/2014/dsa-2883

vendor-advisoryx_refsource_DEBIAN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Sep 10, 2014
👾
Exploit known to exist
Sep 10, 2014
Vulnerability published
Mar 5, 2014
Vulnerability Reserved
Nov 5, 2013