The FileSystem API in Google Chrome prior to 40.0.2214.91 allows remote malicious users to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 7.0 |
||
google chrome |