Lucene search

PRIOn knowledge basePRION:CVE-2010-2298

HistoryJun 15, 2010 - 6:00 p.m.

Input validation

2010-06-1518:00:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.3%

JSON

browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.

CPENameOperatorVersion
chromelt5.0.375.70

CPE	Name	Operator	Version
	chrome	lt	5.0.375.70

References

secunia.com/advisories/40072

code.google.com/p/chromium/issues/detail?id=43304

googlechromereleases.blogspot.com/2010/06/stable-channel-update.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14154

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.3%

JSON

Related for PRION:CVE-2010-2298