PT-2010-3884 · Google · Google Chrome
Mark Dowd
·
Publicado
2010-06-15
·
Atualizado
2020-08-05
·
CVE-2010-2298
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 5.0.375.70
Description
The issue is related to the handling of ViewHostMsg DatabaseOpenFile messages in chroot-based sandboxing. It allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.
Recommendations
For versions prior to 5.0.375.70, update to version 5.0.375.70 or later to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome