Security bypass vulnerability in browser/renderer_host/database_dispatcher_host.cc in Google Chrome (rpm) before 5.0.375.70 on Linux.ID: oval:org.secpod.oval:def:14 | Date: (C)2010-09-08 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome and is prone to security bypass vulnerability. A flaw is present in browser/renderer_host/database_dispatcher_host.cc, which does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing. Successful exploitation allows remote attackers to bypass intended sandbox restrictions using vectors involving fchdir and chdir calls.