CVE-2013-6652

2014-02-24T04:48:00
ID CVE-2013-6652
Type cve
Reporter cve@mitre.org
Modified 2014-02-24T19:20:00

Description

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \?\ protection mechanism.