Published: 24/02/2014 Updated: 24/02/2014

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome prior to 33.0.1750.117 on Windows allows malicious users to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 33.0.1750.111
google chrome 33.0.1750.110
google chrome 33.0.1750.109
google chrome 33.0.1750.108
google chrome 33.0.1750.107
google chrome 33.0.1750.80
google chrome 33.0.1750.79
google chrome 33.0.1750.77
google chrome 33.0.1750.76
google chrome 33.0.1750.61
google chrome 33.0.1750.60
google chrome 33.0.1750.59
google chrome 33.0.1750.58
google chrome 33.0.1750.44
google chrome 33.0.1750.43
google chrome 33.0.1750.42
google chrome 33.0.1750.41
google chrome 33.0.1750.26
google chrome 33.0.1750.25
google chrome 33.0.1750.24
google chrome 33.0.1750.23
google chrome 33.0.1750.8
google chrome 33.0.1750.7
google chrome 33.0.1750.6
google chrome 33.0.1750.5
google chrome 33.0.1750.91
google chrome 33.0.1750.90
google chrome 33.0.1750.89
google chrome 33.0.1750.88
google chrome 33.0.1750.69
google chrome 33.0.1750.68
google chrome 33.0.1750.67
google chrome 33.0.1750.66
google chrome 33.0.1750.53
google chrome
google chrome 33.0.1750.113
google chrome 33.0.1750.106
google chrome 33.0.1750.93
google chrome 33.0.1750.83
google chrome 33.0.1750.81
google chrome 33.0.1750.75
google chrome 33.0.1750.73
google chrome 33.0.1750.70
google chrome 33.0.1750.65
google chrome 33.0.1750.63
google chrome 33.0.1750.56
google chrome 33.0.1750.54
google chrome 33.0.1750.49
google chrome 33.0.1750.47
google chrome 33.0.1750.45
google chrome 33.0.1750.40
google chrome 33.0.1750.38
google chrome 33.0.1750.29
google chrome 33.0.1750.27
google chrome 33.0.1750.22
google chrome 33.0.1750.20
google chrome 33.0.1750.18
google chrome 33.0.1750.12
google chrome 33.0.1750.10
google chrome 33.0.1750.3
google chrome 33.0.1750.1
google chrome 33.0.1750.52
google chrome 33.0.1750.51
google chrome 33.0.1750.50
google chrome 33.0.1750.36
google chrome 33.0.1750.35
google chrome 33.0.1750.34
google chrome 33.0.1750.31
google chrome 33.0.1750.16
google chrome 33.0.1750.15
google chrome 33.0.1750.14
google chrome 33.0.1750.13
google chrome 33.0.1750.0
google chrome 33.0.1750.115
google chrome 33.0.1750.112
google chrome 33.0.1750.104
google chrome 33.0.1750.92
google chrome 33.0.1750.85
google chrome 33.0.1750.82
google chrome 33.0.1750.74
google chrome 33.0.1750.71
google chrome 33.0.1750.64
google chrome 33.0.1750.62
google chrome 33.0.1750.57
google chrome 33.0.1750.55
google chrome 33.0.1750.48
google chrome 33.0.1750.46
google chrome 33.0.1750.39
google chrome 33.0.1750.37
google chrome 33.0.1750.30
google chrome 33.0.1750.28
google chrome 33.0.1750.21
google chrome 33.0.1750.19
google chrome 33.0.1750.11
google chrome 33.0.1750.9
google chrome 33.0.1750.4
google chrome 33.0.1750.2

CWE-22 http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html https://src.chromium.org/viewvc/chrome?revision=247511&view=revision https://code.google.com/p/chromium/issues/detail?id=334897 https://nvd.nist.gov

Get Started

CVE-2013-6652

Vulnerability Summary

References

Vulmon Search

About

Products

Connect