CVE-2013-2900

{"id": "CVE-2013-2900", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-08-21T12:17:56.730", "references": [{"url": "http://crbug.com/181617", "source": "chrome-cve-admin@google.com"}, {"url": "http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html", "source": "chrome-cve-admin@google.com"}, {"url": "http://www.debian.org/security/2013/dsa-2741", "source": "chrome-cve-admin@google.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18381", "source": "chrome-cve-admin@google.com"}, {"url": "https://src.chromium.org/viewvc/chrome?revision=200603&view=revision", "source": "chrome-cve-admin@google.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name."}, {"lang": "es", "value": "La funcion FilePath::ReferencesParent en files/file_path.cc en Google Chrome anterior a v29.0.1547.57 en Windows no maneja adecuadamente las rutas de los componentes compuestos en su totalidad de. (punto) y espacios en blanco, lo que permite a atacantes remotos realizar ataques transversales de directorio a trav\u00e9s de un nombre de directorio manipulado."}], "lastModified": "2023-11-07T02:15:34.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5F7E1EE-34F6-4ACD-8CB2-8E1E2C697167", "versionEndIncluding": "29.0.1547.56"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A205F4A9-C759-4EDE-A220-4E8254FDF710"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2691B40B-0780-4273-89A2-D4A27C9F6DDE"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A5E5187-F8DC-4ABC-8553-708863184E06"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29895241-7320-4A63-9F5D-63DCDB746FA4"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29FC1D63-65E6-4A74-9A35-DF163695B02F"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE4086C4-32FF-47B9-8028-976961465485"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96815460-04C1-4149-8816-7752E179982E"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFBCA972-CA9A-45BF-BE23-783EAA57B77E"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5B57105-A7FD-4C2D-AFA8-852372E18588"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DA34F38-99D6-475E-8E2B-FB5A8476B64E"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C97CA451-8E54-4E8E-A016-F0B35898AC11"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4994EC6-189A-469C-93B5-A937C00417DA"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AD3ACF2-C0FE-48DF-818B-85145B0FC1BB"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9636B493-5817-4FB6-9DC5-B90B00352633"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFDF5FF9-232E-4639-A9B7-3EED34473189"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C0520DA-59C7-439B-B844-3E4205D5F183"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E124A90-EB96-453E-A144-31B7D0837CB6"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EC39D00-0AB3-428D-9ABC-68AD05F25C4E"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "740A8019-FBED-4CBE-9429-8B704F6AE1F6"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E20C7EE2-A0F6-41A0-B253-24C44C2B4504"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6969D860-2DD9-41C6-832C-9DD9E6ADB641"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23E7D241-B1EC-4C71-8040-21034EB307E0"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FCE5807-2AC0-4EAC-8254-0DE691BE1D51"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EAC107C-35DD-44A4-A2DC-ACB038DE0A19"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD6BE2CA-8D36-4D22-B647-CEB71882BDB5"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA6C1355-357C-496A-AD0A-07147AAB1F87"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E715A992-AD6C-4108-B72D-2CD8079130D2"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "378821F6-51E8-46F6-99DA-088AE15CCA88"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F65387F-8F24-4F56-AE72-BE3C275738D0"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C43A8070-20EF-47AE-AE18-29F84E6DE46C"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16FA0F16-3056-4CF8-AFC9-63646C616834"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C4F7F75-26DF-4A4E-BB56-2C1518B444A8"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C623D17-6FA1-4BF4-B97B-C28C1A4FA94B"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C278FCD7-B7D0-423D-ACA8-81E748D68E86"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2DB4A78-442D-4C4D-81FE-8839BA1B32F9"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EB94975-2E46-4B37-914F-97EB52E53ABA"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B76A5684-CCE8-4596-95BA-6E885A55F7E9"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "775E231C-BFE6-4590-9D51-796CA54FF4FF"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C091A681-60FB-470F-8D86-E0EEC23B0266"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C41C427C-CDB7-4E9B-B46A-DED3DCCA16E3"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "911006E1-8631-4ADB-BD1D-6574EAEC36A5"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "258CE5FE-41C4-4738-A39F-E1885E070D6E"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4134B5DA-59A5-4BE5-8613-F9CC4776A0AF"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFD852DE-41AE-4C9F-898C-79C0B81B2B5C"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6975C72C-3499-4DBA-A1D3-56C67077AA03"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6CB37BA-E21E-4DD7-AC2C-17D1951AA6AC"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2BAB482-CACD-465D-A007-5377C6FCE784"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F3581AF-6A19-42AD-ACA5-C1B8E922BE32"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D85AA6D-A0B9-42F1-8F12-686256276F03"}, {"criteria": "cpe:2.3:a:google:chrome:29.0.1547.55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "466AC650-FE2F-427A-AB9B-3E18F5563CE4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "chrome-cve-admin@google.com"}