CVE-2013-6643

N/A Unknown
Published: January 16, 2014 Modified: April 29, 2026
View on NVD

Description

The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
Source: cve@mitre.org
Release Notes Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://www.debian.org/security/2014/dsa-2862
Source: cve@mitre.org
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=321940
Source: cve@mitre.org
Exploit Patch Vendor Advisory
https://src.chromium.org/viewvc/chrome?revision=237115&view=revision
Source: cve@mitre.org
Patch Vendor Advisory
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
Source: af854a3a-2127-422b-91ae-364da2661108
Release Notes Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.debian.org/security/2014/dsa-2862
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=321940
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch Vendor Advisory
https://src.chromium.org/viewvc/chrome?revision=237115&view=revision
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.2%
40th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-287

Affected Vendors

linux apple microsoft google opensuse debian

Related CVEs

CVE-2026-41971 5.5
CVE-2026-41970 6.8
CVE-2026-41969 6.2
CVE-2026-41968 5.9
CVE-2026-41967 5.9