CVE 2013 2902
CVE-2013-2902
Fix commit for vulnerability: https://src.chromium.org/viewvc/blink?view=revision&revision=155640
Commit that introduced vulnerability: [email protected] Revision 129423 https://src.chromium.org/viewvc/blink/branches/chromium/1547/Source/core/dom/DocumentStyleSheetCollection.cpp?revision=129423&pathrev=155640 Mon Sep 24 22:14:47 2012 UTC
Who found it? cloudbot
Who fixed it? Chris Evans [email protected]
Is code tested by automated tests? Yes
Was it the same people who found it as who fixed it? No
Code reviews: https://codereview.chromium.org/22392008
Did they talk about security in the code reviews? They did not talk about security in the code review. They did not believe there was any functional change to the code in this revision.
Did they make a clear mistake related to the vulnerability they missed
Are there any other linguistic features you notice about these discussions? It seems that, because they did not believe there was a functional change and because the revision modified so much code, they may have only skimmed through the document.
Was there a bounty awarded? 1000?
Any evidence of an exploit? No
Was there a metasploit module made for it, or another exploit related to it? No
Any mention of how it was found? Fuzzer? Manual? cloudfuzzer of Google Security Team
Any other specific project level development events happen during this time? (eg. dump a related dependency, or change the design in some way?) Refactoring code to make it less "big and unwieldy"
Any other interesting facts about this vulnerability that you would tell anyone? They did not think there were any functional changes in the revision that introduced the vulnerability.