The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.
References
Configurations
History
No history.
Information
Published : 2015-04-19 10:59
Updated : 2024-02-04 18:35
NVD link : CVE-2015-1248
Mitre link : CVE-2015-1248
CVE.ORG link : CVE-2015-1248
JSON object : View
Products Affected
- chrome
debian
- debian_linux
CWE
CWE-264
Permissions, Privileges, and Access Controls