Description
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Artem Chaykin · textremoteandroid
https://www.exploit-db.com/exploits/37795
References (2)
Core 2
Core References
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=144866
Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html
Scores
EPSS
0.0362
EPSS Percentile
87.9%
Details
CWE
CWE-264
Status
published
Products (1)
google/chrome
< 18.0.1025306
Published
Sep 13, 2012
Tracked Since
Feb 18, 2026