CVE-2013-2900
21.08.2013, 12:17
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| chrome | 𝑥 ≤ 29.0.1547.56 | |
| chrome | 29.0.1547.0 | |
| chrome | 29.0.1547.1 | |
| chrome | 29.0.1547.2 | |
| chrome | 29.0.1547.3 | |
| chrome | 29.0.1547.4 | |
| chrome | 29.0.1547.5 | |
| chrome | 29.0.1547.7 | |
| chrome | 29.0.1547.8 | |
| chrome | 29.0.1547.9 | |
| chrome | 29.0.1547.10 | |
| chrome | 29.0.1547.11 | |
| chrome | 29.0.1547.12 | |
| chrome | 29.0.1547.13 | |
| chrome | 29.0.1547.14 | |
| chrome | 29.0.1547.15 | |
| chrome | 29.0.1547.16 | |
| chrome | 29.0.1547.17 | |
| chrome | 29.0.1547.18 | |
| chrome | 29.0.1547.19 | |
| chrome | 29.0.1547.20 | |
| chrome | 29.0.1547.21 | |
| chrome | 29.0.1547.22 | |
| chrome | 29.0.1547.23 | |
| chrome | 29.0.1547.27 | |
| chrome | 29.0.1547.28 | |
| chrome | 29.0.1547.29 | |
| chrome | 29.0.1547.30 | |
| chrome | 29.0.1547.31 | |
| chrome | 29.0.1547.32 | |
| chrome | 29.0.1547.33 | |
| chrome | 29.0.1547.34 | |
| chrome | 29.0.1547.35 | |
| chrome | 29.0.1547.36 | |
| chrome | 29.0.1547.37 | |
| chrome | 29.0.1547.38 | |
| chrome | 29.0.1547.39 | |
| chrome | 29.0.1547.40 | |
| chrome | 29.0.1547.41 | |
| chrome | 29.0.1547.42 | |
| chrome | 29.0.1547.45 | |
| chrome | 29.0.1547.46 | |
| chrome | 29.0.1547.47 | |
| chrome | 29.0.1547.48 | |
| chrome | 29.0.1547.49 | |
| chrome | 29.0.1547.50 | |
| chrome | 29.0.1547.51 | |
| chrome | 29.0.1547.52 | |
| chrome | 29.0.1547.53 | |
| chrome | 29.0.1547.54 | |
| chrome | 29.0.1547.55 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References