browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.
Related Posts
CVE-2010-3412 (chrome): Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors.
CVE-2010-2903 (chrome): Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, which has unspecified impact and remote attack vectors.
CVE-2010-3917 (chrome): Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.