Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6652

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-6652
Last Modified 24 Feb 2014 02:20:45
Published 23 Feb 2014 11:48:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-6652

Summary

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism.

Vulnerable Systems

Application

  • Google Chrome 33.0.1750.0

  • Google Chrome 33.0.1750.1

  • Google Chrome 33.0.1750.10

  • Google Chrome 33.0.1750.104

  • Google Chrome 33.0.1750.106

  • Google Chrome 33.0.1750.107

  • Google Chrome 33.0.1750.108

  • Google Chrome 33.0.1750.109

  • Google Chrome 33.0.1750.11

  • Google Chrome 33.0.1750.110

  • Google Chrome 33.0.1750.111

  • Google Chrome 33.0.1750.112

  • Google Chrome 33.0.1750.113

  • Google Chrome 33.0.1750.115

  • Google Chrome 33.0.1750.116

  • Google Chrome 33.0.1750.12

  • Google Chrome 33.0.1750.13

  • Google Chrome 33.0.1750.14

  • Google Chrome 33.0.1750.15

  • Google Chrome 33.0.1750.16

  • Google Chrome 33.0.1750.18

  • Google Chrome 33.0.1750.19

  • Google Chrome 33.0.1750.2

  • Google Chrome 33.0.1750.20

  • Google Chrome 33.0.1750.21

  • Google Chrome 33.0.1750.22

  • Google Chrome 33.0.1750.23

  • Google Chrome 33.0.1750.24

  • Google Chrome 33.0.1750.25

  • Google Chrome 33.0.1750.26

  • Google Chrome 33.0.1750.27

  • Google Chrome 33.0.1750.28

  • Google Chrome 33.0.1750.29

  • Google Chrome 33.0.1750.3

  • Google Chrome 33.0.1750.30

  • Google Chrome 33.0.1750.31

  • Google Chrome 33.0.1750.34

  • Google Chrome 33.0.1750.35

  • Google Chrome 33.0.1750.36

  • Google Chrome 33.0.1750.37

  • Google Chrome 33.0.1750.38

  • Google Chrome 33.0.1750.39

  • Google Chrome 33.0.1750.4

  • Google Chrome 33.0.1750.40

  • Google Chrome 33.0.1750.41

  • Google Chrome 33.0.1750.42

  • Google Chrome 33.0.1750.43

  • Google Chrome 33.0.1750.44

  • Google Chrome 33.0.1750.45

  • Google Chrome 33.0.1750.46

  • Google Chrome 33.0.1750.47

  • Google Chrome 33.0.1750.48

  • Google Chrome 33.0.1750.49

  • Google Chrome 33.0.1750.5

  • Google Chrome 33.0.1750.50

  • Google Chrome 33.0.1750.51

  • Google Chrome 33.0.1750.52

  • Google Chrome 33.0.1750.53

  • Google Chrome 33.0.1750.54

  • Google Chrome 33.0.1750.55

  • Google Chrome 33.0.1750.56

  • Google Chrome 33.0.1750.57

  • Google Chrome 33.0.1750.58

  • Google Chrome 33.0.1750.59

  • Google Chrome 33.0.1750.6

  • Google Chrome 33.0.1750.60

  • Google Chrome 33.0.1750.61

  • Google Chrome 33.0.1750.62

  • Google Chrome 33.0.1750.63

  • Google Chrome 33.0.1750.64

  • Google Chrome 33.0.1750.65

  • Google Chrome 33.0.1750.66

  • Google Chrome 33.0.1750.67

  • Google Chrome 33.0.1750.68

  • Google Chrome 33.0.1750.69

  • Google Chrome 33.0.1750.7

  • Google Chrome 33.0.1750.70

  • Google Chrome 33.0.1750.71

  • Google Chrome 33.0.1750.73

  • Google Chrome 33.0.1750.74

  • Google Chrome 33.0.1750.75

  • Google Chrome 33.0.1750.76

  • Google Chrome 33.0.1750.77

  • Google Chrome 33.0.1750.79

  • Google Chrome 33.0.1750.8

  • Google Chrome 33.0.1750.80

  • Google Chrome 33.0.1750.81

  • Google Chrome 33.0.1750.82

  • Google Chrome 33.0.1750.83

  • Google Chrome 33.0.1750.85

  • Google Chrome 33.0.1750.88

  • Google Chrome 33.0.1750.89

  • Google Chrome 33.0.1750.9

  • Google Chrome 33.0.1750.90

  • Google Chrome 33.0.1750.91

  • Google Chrome 33.0.1750.92

  • Google Chrome 33.0.1750.93


References

CONFIRM - https://src.chromium.org/viewvc/chrome?revision=247511&view=revision

CONFIRM - https://code.google.com/p/chromium/issues/detail?id=334897

CONFIRM - http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html

Related Patches

Google Chrome 33.0.1750.117 for Windows (Update) (All Languages) (See Notes)


Last Updated: 27 May 2016 10:55:14