CVE-2010-2298 Information

Description

browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.

Reference

http://code.google.com/p/chromium/issues/detail?id=43304 http://googlechromereleases.blogspot.com/2010/06/stable-channel-update.html http://secunia.com/advisories/40072 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14154