1 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) La implementación inadecuada en Google Updatetor anterior a la versión 1.3.36.351 en Google Chrome permitió a un atacante local realizar una escalada de privilegios a través de un archivo malicioso. (Severidad de seguridad de Chrome: alta) This vulnerability allows local attackers to escalate privileges on affected installations of Google Chrome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update mechanism. By creating a DOS device redirection, an attacker can abuse the update mechanism to launch an executable from an untrusted location. • https://issues.chromium.org/issues/40064602 • CWE-233: Improper Handling of Parameters •