Security Advisory

CVE-2013-2900

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-08-21 10:00:00

Last updated 2024-08-06 15:52:21

Assigner Chrome

State PUBLISHED

Description

The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.

← Browse all CVEs View on cve.org ↗