PT-2013-4023 · Google · Google Chrome

Christian Jaeger

·

Publicado

2013-08-21

·

Atualizado

2017-09-19

·

CVE-2013-2905

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 29.0.1547.57
Description The issue concerns the SharedMemory::Create function in memory/shared memory posix.cc, which uses weak permissions under /dev/shm/. This allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file.
Recommendations For versions prior to 29.0.1547.57, update to version 29.0.1547.57 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2013-2905
DSA-2741-1
MGASA-2013-0278

Produtos afetados

Google Chrome