{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-04-10T16:00:00Z", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=189250"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2013-0927", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=189250", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=189250"}, {"name": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git;a=commit;h=fb5a664def6cd34bf7295489ea73e1d989bdd6d0", "refsource": "CONFIRM", "url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git;a=commit;h=fb5a664def6cd34bf7295489ea73e1d989bdd6d0"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:41:48.305Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=189250"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2013-0927", "datePublished": "2013-04-10T16:00:00Z", "dateReserved": "2013-01-07T00:00:00Z", "dateUpdated": "2024-09-17T03:23:19.414Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:chrome_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D66E267-A6D0-46A4-B988-DE0A4779CBEC", "versionEndIncluding": "26.0.1410.56", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.0:*:*:*:*:*:*:*", "matchCriteriaId": "57C32233-05E6-4847-B25D-1C38A6C26453", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC14076B-3334-449B-A902-3D8B49615046", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.3:*:*:*:*:*:*:*", "matchCriteriaId": "A5C2B604-D105-4AF7-8E0C-A6DD958BD329", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.4:*:*:*:*:*:*:*", "matchCriteriaId": "DEFB0E35-D224-4620-9F3A-A60ACBFBEE74", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.5:*:*:*:*:*:*:*", "matchCriteriaId": "36A08B6C-532F-42B3-8D5A-3AF70DC0ED70", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.6:*:*:*:*:*:*:*", "matchCriteriaId": "5A990528-D530-401C-AAF7-8751EF47BD14", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.7:*:*:*:*:*:*:*", "matchCriteriaId": "F4952903-5E34-4A6D-97C6-01142D640BBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.8:*:*:*:*:*:*:*", "matchCriteriaId": "D7E2D88C-B327-42D4-B05F-7AAED139D70D", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.9:*:*:*:*:*:*:*", "matchCriteriaId": "BC1F9F18-7C6D-40F5-A38E-73944ADE49D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.10:*:*:*:*:*:*:*", "matchCriteriaId": "4019D15A-4252-4C9F-A245-296C6BDC2F76", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.11:*:*:*:*:*:*:*", "matchCriteriaId": "04A216CB-2EFA-4426-81A4-476D7AACA11E", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.12:*:*:*:*:*:*:*", "matchCriteriaId": "92089171-ADEE-43A1-A8A3-90DF46BF9372", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.14:*:*:*:*:*:*:*", "matchCriteriaId": "B7E53A7F-C690-4D7D-BA19-AF359F884A0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.15:*:*:*:*:*:*:*", "matchCriteriaId": "3D5DE46D-D8AA-4191-92B3-7DEF3A353174", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.16:*:*:*:*:*:*:*", "matchCriteriaId": "6EB47E6C-A753-499A-A90F-74AC1B53368F", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.17:*:*:*:*:*:*:*", "matchCriteriaId": "20AD7A55-0ECF-42EB-9923-3D69FBCA0BA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.18:*:*:*:*:*:*:*", "matchCriteriaId": "BE19CBB5-F778-4045-840F-305254B60C53", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.19:*:*:*:*:*:*:*", "matchCriteriaId": "E1332705-DA13-401A-B994-2CB0A704D9F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.20:*:*:*:*:*:*:*", "matchCriteriaId": "9A1A2811-627D-4322-BDCC-209701013B9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.21:*:*:*:*:*:*:*", "matchCriteriaId": "164C7F7F-B7CF-42FB-9F44-3207A5576C61", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.22:*:*:*:*:*:*:*", "matchCriteriaId": "9A468147-0B6C-4B09-A2B4-13D4B5A28250", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.23:*:*:*:*:*:*:*", "matchCriteriaId": "D94236E3-3BF6-4FE8-BDA1-036CE33B1E49", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.24:*:*:*:*:*:*:*", "matchCriteriaId": "9826CE5A-F25E-4806-BEE8-800594886D6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.25:*:*:*:*:*:*:*", "matchCriteriaId": "AD6D28BB-AEFD-4E01-B1DD-6CA0E1FD655B", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.26:*:*:*:*:*:*:*", "matchCriteriaId": "67BFD954-863C-46C7-B105-BD988016C514", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.27:*:*:*:*:*:*:*", "matchCriteriaId": "7701EA16-874E-4708-BB6A-CB4E29F342AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.28:*:*:*:*:*:*:*", "matchCriteriaId": "6B551CFD-63FD-4556-8227-09EBF3A76356", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.29:*:*:*:*:*:*:*", "matchCriteriaId": "FCF5753B-3F98-4DA0-BBDD-854164B772BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.30:*:*:*:*:*:*:*", "matchCriteriaId": "A25823D4-CE45-4731-AD3C-AD93F8C38704", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.31:*:*:*:*:*:*:*", "matchCriteriaId": "63076800-7977-4C8C-8C05-1F5078A47F78", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.32:*:*:*:*:*:*:*", "matchCriteriaId": "3C1F509E-61D5-49B1-888F-75F6A06A8E0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.33:*:*:*:*:*:*:*", "matchCriteriaId": "DF3EE78D-7535-40EC-97C7-E01F8AB6B655", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.34:*:*:*:*:*:*:*", "matchCriteriaId": "E6F2E666-D9CD-4436-A843-39A891057097", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.35:*:*:*:*:*:*:*", "matchCriteriaId": "54D2C9EC-7C09-4E14-9498-26666880FF39", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.36:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA51C4-021C-4802-B074-D4C168B2821E", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.37:*:*:*:*:*:*:*", "matchCriteriaId": "5F1290C8-FB9D-452D-8FDA-6DDD2D5E668C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.38:*:*:*:*:*:*:*", "matchCriteriaId": "9C10D6E7-15D9-42D8-B86F-4E6384EBA17D", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.39:*:*:*:*:*:*:*", "matchCriteriaId": "0D1DC13D-C1CE-482C-B96F-F52A2D4C5303", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.40:*:*:*:*:*:*:*", "matchCriteriaId": "E439A399-E57B-462F-BABB-9AB26F800688", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.41:*:*:*:*:*:*:*", "matchCriteriaId": "973A1155-5C33-410F-A7BB-C6F19CC4EE06", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.42:*:*:*:*:*:*:*", "matchCriteriaId": "677B37D1-A9E1-4CEA-A7F6-2C151647F878", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.43:*:*:*:*:*:*:*", "matchCriteriaId": "8DD7BC34-62C2-4D37-8E16-C86FB80C71D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.44:*:*:*:*:*:*:*", "matchCriteriaId": "DD49AF05-07B3-4900-AA89-02FA9A920F4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.45:*:*:*:*:*:*:*", "matchCriteriaId": "073F62F0-47EA-42F4-AA33-6676491F4EAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.46:*:*:*:*:*:*:*", "matchCriteriaId": "075A1812-B4A1-4C9A-9746-A6B5CDEA6F36", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.47:*:*:*:*:*:*:*", "matchCriteriaId": "7FE8B325-A442-4724-A0A7-B15BBBE7A2A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.48:*:*:*:*:*:*:*", "matchCriteriaId": "5E77FE45-AE1B-4B1F-ABCA-AA4F1A912BC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.49:*:*:*:*:*:*:*", "matchCriteriaId": "0AD496EA-E568-4313-84A4-FE5B89A990F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.50:*:*:*:*:*:*:*", "matchCriteriaId": "E6AB58CB-6CC7-4BF2-B1FC-E862DCE68505", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.51:*:*:*:*:*:*:*", "matchCriteriaId": "4F619A5D-2AEE-41FD-BF09-B77E05B73153", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.52:*:*:*:*:*:*:*", "matchCriteriaId": "1B0D02E1-2A0F-450D-8C2C-9104E58AAA30", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.54:*:*:*:*:*:*:*", "matchCriteriaId": "6E2340BB-B557-43B3-8AB7-58333143A8DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:chrome_os:26.0.1410.55:*:*:*:*:*:*:*", "matchCriteriaId": "E18DE7FE-73B4-4F8E-BA5B-F5E4E36242B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data."}, {"lang": "es", "value": "Google Chrome OS antes v26.0.1410.57 se basa en una implementaci\u00f3n de Pango pango-utils.c read_config que carga el contenido del archivo .Pangorc en el directorio home del usuario y el archivo referenciado por la variable de entorno PANGO_RC_FILE, lo que permite a los atacantes para eludir las restricciones de acceso previstas a trav\u00e9s unos datos de configuraci\u00f3n hechos a medida."}], "id": "CVE-2013-0927", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-04-10T16:55:04.810", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0"}, {"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=189250"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.chromium.org/gitweb/?p=chromiumos/overlays/chromiumos-overlay.git%3Ba=commit%3Bh=fb5a664def6cd34bf7295489ea73e1d989bdd6d0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2013/04/chrome-os-stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=189250"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}