Vulnerability CVE-2013-2900: Information

Description

The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.

Severity: HIGH (7.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-2900
Published: Aug. 21, 2013
Modified: Nov. 7, 2023
Error type identifier: CWE-22

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://src.chromium.org/viewvc/chrome?revision=200603&view=revision
    http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html
      oval:org.mitre.oval:def:18381
        http://crbug.com/181617
          DSA-2741

              1. Configuration 1

                cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

                Configuration 2

                cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.0:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.1:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.2:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.3:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.4:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.5:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.7:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.8:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.9:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.10:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.11:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.12:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.13:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.14:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.15:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.16:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.17:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.18:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.19:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.20:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.21:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.22:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.23:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.27:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.28:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.29:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.30:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.31:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.32:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.33:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.34:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.35:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.36:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.37:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.38:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.39:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.40:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.41:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.42:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.45:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.46:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.47:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.48:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.49:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.50:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.51:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.52:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.53:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.54:*:*:*:*:*:*:*
                cpe:2.3:a:google:chrome:29.0.1547.55:*:*:*:*:*:*:*
                Running on/with:
                cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.4.2
            Back to top