VIR Vulnerability Intelligence Relay

CVE-2013-6645

medium
Published 2014-01-16 · Modified 2026-04-29
CVSS v3
CVSS v2
6.8
VIR risk
6.8

Description

Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://src.chromium.org/viewvc/chrome?revision=235302&view=revision

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://code.google.com/p/chromium/issues/detail?id=318791

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://code.google.com/p/chromium/issues/detail?id=320183

OS impact
OSVersionStatusFixed in
linux linux-kernel-not-affected
debian debian7.0affected
debian debian8.0affected
suse suse12.3affected
suse suse13.1affected
macos macos-not-affected

Application impact
VendorProductVersionsFixed
gcp googlechrome{"endExcluding":"32.0.1700.76"}32.0.1700.76

References

CWEs

CWE-416

Verify integrity in audit chain (admin only). AS-IS.