Lucene search

K
cve[email protected]CVE-2013-6652
HistoryFeb 24, 2014 - 4:48 a.m.

CVE-2013-6652

2014-02-2404:48:09
CWE-22
web.nvd.nist.gov
23
cve
2013
6652
directory traversal
vulnerability
google chrome
windows
sandbox
named pipe
bypass
policy restrictions
security issue

6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.6%

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for … (dot dot) sequences or (2) lack of use of the \?\ protection mechanism.

Affected configurations

NVD
Node
googlechromeRange33.0.1750.116
OR
googlechromeMatch33.0.1750.0
OR
googlechromeMatch33.0.1750.1
OR
googlechromeMatch33.0.1750.2
OR
googlechromeMatch33.0.1750.3
OR
googlechromeMatch33.0.1750.4
OR
googlechromeMatch33.0.1750.5
OR
googlechromeMatch33.0.1750.6
OR
googlechromeMatch33.0.1750.7
OR
googlechromeMatch33.0.1750.8
OR
googlechromeMatch33.0.1750.9
OR
googlechromeMatch33.0.1750.10
OR
googlechromeMatch33.0.1750.11
OR
googlechromeMatch33.0.1750.12
OR
googlechromeMatch33.0.1750.13
OR
googlechromeMatch33.0.1750.14
OR
googlechromeMatch33.0.1750.15
OR
googlechromeMatch33.0.1750.16
OR
googlechromeMatch33.0.1750.18
OR
googlechromeMatch33.0.1750.19
OR
googlechromeMatch33.0.1750.20
OR
googlechromeMatch33.0.1750.21
OR
googlechromeMatch33.0.1750.22
OR
googlechromeMatch33.0.1750.23
OR
googlechromeMatch33.0.1750.24
OR
googlechromeMatch33.0.1750.25
OR
googlechromeMatch33.0.1750.26
OR
googlechromeMatch33.0.1750.27
OR
googlechromeMatch33.0.1750.28
OR
googlechromeMatch33.0.1750.29
OR
googlechromeMatch33.0.1750.30
OR
googlechromeMatch33.0.1750.31
OR
googlechromeMatch33.0.1750.34
OR
googlechromeMatch33.0.1750.35
OR
googlechromeMatch33.0.1750.36
OR
googlechromeMatch33.0.1750.37
OR
googlechromeMatch33.0.1750.38
OR
googlechromeMatch33.0.1750.39
OR
googlechromeMatch33.0.1750.40
OR
googlechromeMatch33.0.1750.41
OR
googlechromeMatch33.0.1750.42
OR
googlechromeMatch33.0.1750.43
OR
googlechromeMatch33.0.1750.44
OR
googlechromeMatch33.0.1750.45
OR
googlechromeMatch33.0.1750.46
OR
googlechromeMatch33.0.1750.47
OR
googlechromeMatch33.0.1750.48
OR
googlechromeMatch33.0.1750.49
OR
googlechromeMatch33.0.1750.50
OR
googlechromeMatch33.0.1750.51
OR
googlechromeMatch33.0.1750.52
OR
googlechromeMatch33.0.1750.53
OR
googlechromeMatch33.0.1750.54
OR
googlechromeMatch33.0.1750.55
OR
googlechromeMatch33.0.1750.56
OR
googlechromeMatch33.0.1750.57
OR
googlechromeMatch33.0.1750.58
OR
googlechromeMatch33.0.1750.59
OR
googlechromeMatch33.0.1750.60
OR
googlechromeMatch33.0.1750.61
OR
googlechromeMatch33.0.1750.62
OR
googlechromeMatch33.0.1750.63
OR
googlechromeMatch33.0.1750.64
OR
googlechromeMatch33.0.1750.65
OR
googlechromeMatch33.0.1750.66
OR
googlechromeMatch33.0.1750.67
OR
googlechromeMatch33.0.1750.68
OR
googlechromeMatch33.0.1750.69
OR
googlechromeMatch33.0.1750.70
OR
googlechromeMatch33.0.1750.71
OR
googlechromeMatch33.0.1750.73
OR
googlechromeMatch33.0.1750.74
OR
googlechromeMatch33.0.1750.75
OR
googlechromeMatch33.0.1750.76
OR
googlechromeMatch33.0.1750.77
OR
googlechromeMatch33.0.1750.79
OR
googlechromeMatch33.0.1750.80
OR
googlechromeMatch33.0.1750.81
OR
googlechromeMatch33.0.1750.82
OR
googlechromeMatch33.0.1750.83
OR
googlechromeMatch33.0.1750.85
OR
googlechromeMatch33.0.1750.88
OR
googlechromeMatch33.0.1750.89
OR
googlechromeMatch33.0.1750.90
OR
googlechromeMatch33.0.1750.91
OR
googlechromeMatch33.0.1750.92
OR
googlechromeMatch33.0.1750.93
OR
googlechromeMatch33.0.1750.104
OR
googlechromeMatch33.0.1750.106
OR
googlechromeMatch33.0.1750.107
OR
googlechromeMatch33.0.1750.108
OR
googlechromeMatch33.0.1750.109
OR
googlechromeMatch33.0.1750.110
OR
googlechromeMatch33.0.1750.111
OR
googlechromeMatch33.0.1750.112
OR
googlechromeMatch33.0.1750.113
OR
googlechromeMatch33.0.1750.115
AND
microsoftwindows

6 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.6%