Launchpad.net

CVE 2011-2782

The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.

Related bugs and status

CVE-2011-2782 (Candidate) is related to these bugs:

Bug #819991: Update to 13.0.782.107

		In	Importance	Status
819991	Update to 13.0.782.107	chromium-browser (Ubuntu)	High	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Natty)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Oneiric)	High	Fix Released

Bug #834922: Update to 13.0.782.215

		In	Importance	Status
834922	Update to 13.0.782.215	chromium-browser (Ubuntu)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Natty)	Undecided	Fix Released

Bug #858744: 13.0.782.215 -> 14.0.835.202

		In	Importance	Status
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Lucid)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Maverick)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Oneiric)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Natty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-2782

Related bugs and status

Related bugs

References