CVE-2013-6652

2014-02-2402:00:00

mitre

www.cve.org

5.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.6%

JSON

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for … (dot dot) sequences or (2) lack of use of the \?\ protection mechanism.