Lucene search
HistoryFeb 24, 2014 - 4:48 a.m.
CVE-2013-6652
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
56.6%
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for … (dot dot) sequences or (2) lack of use of the \?\ protection mechanism.
Affected configurations
Node
googlechromeRange≤33.0.1750.116
ORgooglechromeMatch33.0.1750.0
ORgooglechromeMatch33.0.1750.1
ORgooglechromeMatch33.0.1750.2
ORgooglechromeMatch33.0.1750.3
ORgooglechromeMatch33.0.1750.4
ORgooglechromeMatch33.0.1750.5
ORgooglechromeMatch33.0.1750.6
ORgooglechromeMatch33.0.1750.7
ORgooglechromeMatch33.0.1750.8
ORgooglechromeMatch33.0.1750.9
ORgooglechromeMatch33.0.1750.10
ORgooglechromeMatch33.0.1750.11
ORgooglechromeMatch33.0.1750.12
ORgooglechromeMatch33.0.1750.13
ORgooglechromeMatch33.0.1750.14
ORgooglechromeMatch33.0.1750.15
ORgooglechromeMatch33.0.1750.16
ORgooglechromeMatch33.0.1750.18
ORgooglechromeMatch33.0.1750.19
ORgooglechromeMatch33.0.1750.20
ORgooglechromeMatch33.0.1750.21
ORgooglechromeMatch33.0.1750.22
ORgooglechromeMatch33.0.1750.23
ORgooglechromeMatch33.0.1750.24
ORgooglechromeMatch33.0.1750.25
ORgooglechromeMatch33.0.1750.26
ORgooglechromeMatch33.0.1750.27
ORgooglechromeMatch33.0.1750.28
ORgooglechromeMatch33.0.1750.29
ORgooglechromeMatch33.0.1750.30
ORgooglechromeMatch33.0.1750.31
ORgooglechromeMatch33.0.1750.34
ORgooglechromeMatch33.0.1750.35
ORgooglechromeMatch33.0.1750.36
ORgooglechromeMatch33.0.1750.37
ORgooglechromeMatch33.0.1750.38
ORgooglechromeMatch33.0.1750.39
ORgooglechromeMatch33.0.1750.40
ORgooglechromeMatch33.0.1750.41
ORgooglechromeMatch33.0.1750.42
ORgooglechromeMatch33.0.1750.43
ORgooglechromeMatch33.0.1750.44
ORgooglechromeMatch33.0.1750.45
ORgooglechromeMatch33.0.1750.46
ORgooglechromeMatch33.0.1750.47
ORgooglechromeMatch33.0.1750.48
ORgooglechromeMatch33.0.1750.49
ORgooglechromeMatch33.0.1750.50
ORgooglechromeMatch33.0.1750.51
ORgooglechromeMatch33.0.1750.52
ORgooglechromeMatch33.0.1750.53
ORgooglechromeMatch33.0.1750.54
ORgooglechromeMatch33.0.1750.55
ORgooglechromeMatch33.0.1750.56
ORgooglechromeMatch33.0.1750.57
ORgooglechromeMatch33.0.1750.58
ORgooglechromeMatch33.0.1750.59
ORgooglechromeMatch33.0.1750.60
ORgooglechromeMatch33.0.1750.61
ORgooglechromeMatch33.0.1750.62
ORgooglechromeMatch33.0.1750.63
ORgooglechromeMatch33.0.1750.64
ORgooglechromeMatch33.0.1750.65
ORgooglechromeMatch33.0.1750.66
ORgooglechromeMatch33.0.1750.67
ORgooglechromeMatch33.0.1750.68
ORgooglechromeMatch33.0.1750.69
ORgooglechromeMatch33.0.1750.70
ORgooglechromeMatch33.0.1750.71
ORgooglechromeMatch33.0.1750.73
ORgooglechromeMatch33.0.1750.74
ORgooglechromeMatch33.0.1750.75
ORgooglechromeMatch33.0.1750.76
ORgooglechromeMatch33.0.1750.77
ORgooglechromeMatch33.0.1750.79
ORgooglechromeMatch33.0.1750.80
ORgooglechromeMatch33.0.1750.81
ORgooglechromeMatch33.0.1750.82
ORgooglechromeMatch33.0.1750.83
ORgooglechromeMatch33.0.1750.85
ORgooglechromeMatch33.0.1750.88
ORgooglechromeMatch33.0.1750.89
ORgooglechromeMatch33.0.1750.90
ORgooglechromeMatch33.0.1750.91
ORgooglechromeMatch33.0.1750.92
ORgooglechromeMatch33.0.1750.93
ORgooglechromeMatch33.0.1750.104
ORgooglechromeMatch33.0.1750.106
ORgooglechromeMatch33.0.1750.107
ORgooglechromeMatch33.0.1750.108
ORgooglechromeMatch33.0.1750.109
ORgooglechromeMatch33.0.1750.110
ORgooglechromeMatch33.0.1750.111
ORgooglechromeMatch33.0.1750.112
ORgooglechromeMatch33.0.1750.113
ORgooglechromeMatch33.0.1750.115
microsoftwindows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chrome | * | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.0 | cpe:2.3:a:google:chrome:33.0.1750.0:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.1 | cpe:2.3:a:google:chrome:33.0.1750.1:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.2 | cpe:2.3:a:google:chrome:33.0.1750.2:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.3 | cpe:2.3:a:google:chrome:33.0.1750.3:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.4 | cpe:2.3:a:google:chrome:33.0.1750.4:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.5 | cpe:2.3:a:google:chrome:33.0.1750.5:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.6 | cpe:2.3:a:google:chrome:33.0.1750.6:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.7 | cpe:2.3:a:google:chrome:33.0.1750.7:*:*:*:*:*:*:* | |
| chrome | 33.0.1750.8 | cpe:2.3:a:google:chrome:33.0.1750.8:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2013-6652
2014-02-24 04:48:00
prion
prion
Directory traversal
2014-02-24 04:48:00
ubuntucve
ubuntucve
CVE-2013-6652
2014-02-24 00:00:00
cvelist
cvelist
CVE-2013-6652
2014-02-24 02:00:00
cve
cve
CVE-2013-6652
2014-02-24 04:48:09
threatpost
threatpost
Google Fixes 28 Security Flaws in Chrome 33
2014-02-20 14:13:49
nessus
nessus
Google Chrome < 33.0.1750.117 Multiple Vulnerabilities
2014-02-21 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (9dd47fa3-9d53-11e3-b20f-00262d5ed8ee)
2014-02-25 00:00:00
Google Chrome < 33.0.1750.117 Multiple Vulnerabilities
2014-02-21 00:00:00
seebug
seebug
Google Chrome 33.0.1750.117之前版本多个安全漏洞
2014-02-24 00:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities-02 (Feb 2014) - Windows
2014-02-26 00:00:00
Gentoo Security Advisory GLSA 201403-01
2015-09-29 00:00:00
chrome
chrome
Stable Channel Update
2014-02-20 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-02-20 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2014-03-05 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
56.6%
Related for NVD:CVE-2013-6652