CVE-2010-2298

Google Chrome < 5.0.375.70 - Sandbox Restriction Bypass via ViewHostMsg_DatabaseOpenFile Message Handling

Title source: llm
STIX 2.1

Description

browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40072
Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=43304

Scores

EPSS 0.0158
EPSS Percentile 72.6%

Details

CWE
CWE-20
Status published
Products (1)
google/chrome < 5.0.375.70
Published Jun 15, 2010
Tracked Since Feb 18, 2026