The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.
Max CVSS
7.5
EPSS Score
1.10%
Published
2013-08-21
Updated
2017-09-19
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases.
Max CVSS
7.5
EPSS Score
0.33%
Published
2013-03-05
Updated
2017-09-19
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.33%
Published
2013-02-23
Updated
2022-11-18
Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.
Max CVSS
7.5
EPSS Score
0.41%
Published
2013-01-15
Updated
2018-10-30
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!