Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-6652

Published: 24 February 2014

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism.

Notes

AuthorNote
mdeslaur
windows-specific

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise Not vulnerable

quantal Not vulnerable

saucy Not vulnerable

upstream
Released (33.0.1750.117)