Directory traversal

2013-08-2112:17:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.5%

JSON

The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.

CPENameOperatorVersion
debian_linuxeq7.0
chromele29.0.1547.56
chromeeq29.0.1547.0
chromeeq29.0.1547.1
chromeeq29.0.1547.2
chromeeq29.0.1547.3
chromeeq29.0.1547.4
chromeeq29.0.1547.5
chromeeq29.0.1547.7
chromeeq29.0.1547.8

Name	Operator	Version
debian_linux	eq	7.0
chrome	le	29.0.1547.56
chrome	eq	29.0.1547.0
chrome	eq	29.0.1547.1
chrome	eq	29.0.1547.2
chrome	eq	29.0.1547.3
chrome	eq	29.0.1547.4
chrome	eq	29.0.1547.5
chrome	eq	29.0.1547.7
chrome	eq	29.0.1547.8