Published: 24/02/2014 Updated: 01/04/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The drag-and-drop implementation in Google Chrome prior to 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote malicious users to discover full pathnames via a crafted web site.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 33.0.1750.111
google chrome 33.0.1750.110
google chrome 33.0.1750.92
google chrome 33.0.1750.91
google chrome 33.0.1750.80
google chrome 33.0.1750.79
google chrome 33.0.1750.70
google chrome 33.0.1750.69
google chrome 33.0.1750.62
google chrome 33.0.1750.61
google chrome 33.0.1750.53
google chrome 33.0.1750.52
google chrome 33.0.1750.45
google chrome 33.0.1750.44
google chrome 33.0.1750.37
google chrome 33.0.1750.36
google chrome 33.0.1750.26
google chrome 33.0.1750.113
google chrome 33.0.1750.112
google chrome 33.0.1750.104
google chrome 33.0.1750.93
google chrome 33.0.1750.82
google chrome 33.0.1750.81
google chrome 33.0.1750.73
google chrome 33.0.1750.71
google chrome 33.0.1750.64
google chrome 33.0.1750.63
google chrome 33.0.1750.55
google chrome 33.0.1750.54
google chrome 33.0.1750.47
google chrome 33.0.1750.46
google chrome 33.0.1750.39
google chrome 33.0.1750.38
google chrome 33.0.1750.28
google chrome 33.0.1750.27
google chrome 33.0.1750.20
google chrome 33.0.1750.19
google chrome 33.0.1750.11
google chrome 33.0.1750.10
google chrome 33.0.1750.2
google chrome 33.0.1750.1
google chrome 33.0.1750.25
google chrome 33.0.1750.18
google chrome 33.0.1750.16
google chrome 33.0.1750.9
google chrome 33.0.1750.8
google chrome 33.0.1750.7
google chrome 33.0.1750.0
google chrome
google chrome 33.0.1750.115
google chrome 33.0.1750.107
google chrome 33.0.1750.106
google chrome 33.0.1750.88
google chrome 33.0.1750.85
google chrome 33.0.1750.83
google chrome 33.0.1750.75
google chrome 33.0.1750.74
google chrome 33.0.1750.66
google chrome 33.0.1750.65
google chrome 33.0.1750.58
google chrome 33.0.1750.57
google chrome 33.0.1750.56
google chrome 33.0.1750.49
google chrome 33.0.1750.48
google chrome 33.0.1750.41
google chrome 33.0.1750.40
google chrome 33.0.1750.30
google chrome 33.0.1750.29
google chrome 33.0.1750.22
google chrome 33.0.1750.21
google chrome 33.0.1750.13
google chrome 33.0.1750.12
google chrome 33.0.1750.4
google chrome 33.0.1750.3
google chrome 33.0.1750.109
google chrome 33.0.1750.108
google chrome 33.0.1750.90
google chrome 33.0.1750.89
google chrome 33.0.1750.77
google chrome 33.0.1750.76
google chrome 33.0.1750.68
google chrome 33.0.1750.67
google chrome 33.0.1750.60
google chrome 33.0.1750.59
google chrome 33.0.1750.51
google chrome 33.0.1750.50
google chrome 33.0.1750.43
google chrome 33.0.1750.42
google chrome 33.0.1750.35
google chrome 33.0.1750.34
google chrome 33.0.1750.31
google chrome 33.0.1750.24
google chrome 33.0.1750.23
google chrome 33.0.1750.15
google chrome 33.0.1750.14
google chrome 33.0.1750.6
google chrome 33.0.1750.5

Several vulnerabilities have been discovered in the chromium web browser CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser CVE-2013-6654 TheShow3511 discovered an issue in SVG handling CVE-2013-6655 cloudfuzzer discovered a use-after-free issue in dom event handling CVE-2013-6 ...

CWE-264 https://code.google.com/p/chromium/issues/detail?id=332579 https://src.chromium.org/viewvc/chrome?revision=244538&view=revision http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00006.html http://www.debian.org/security/2014/dsa-2883 https://nvd.nist.gov https://www.debian.org/security/./dsa-2883

Get Started

CVE-2013-6660

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect