Google » Chrome » 25.0.1364.9 : Security Vulnerabilities, CVEs, Published In 2013 (Directory traversal)
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.
Max CVSS
7.5
EPSS Score
1.10%
Published
2013-08-21
Updated
2017-09-19
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases.
Max CVSS
7.5
EPSS Score
0.33%
Published
2013-03-05
Updated
2017-09-19
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.33%
Published
2013-02-23
Updated
2022-11-18
3 vulnerabilities found