Description
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
References (3)
Core 3
Core References
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=167840
Scores
EPSS
0.0138
EPSS Percentile
68.8%
Details
CWE
CWE-22
Status
published
Products (1)
google/chrome
< 25.0.1364.97
Published
Feb 23, 2013
Tracked Since
Feb 18, 2026