PT-2015-4322 · Google+1 · Google Chrome+1
Grt
·
Publicado
2015-01-27
·
Atualizado
2015-02-21
·
CVE-2014-9646
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 40.0.2214.91
Description
The issue is related to an unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function. This vulnerability can be exploited by a local user to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% directory.
Recommendations
For versions prior to 40.0.2214.91, update to version 40.0.2214.91 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Google Chrome