CVE-2010-0657 (retired)

Priority
Description
Google Chrome before 4.0.249.78 on Windows does not perform the expected
encoding, escaping, and quoting for the URL in the --app argument in a
desktop shortcut, which allows user-assisted remote attackers to execute
arbitrary programs or obtain sensitive information by tricking a user into
creating a crafted shortcut.
Notes
 mdeslaur> may be windows-specific
Package
Upstream:needs-triage
Patches:
Upstream:http://src.chromium.org/viewvc/chrome?view=rev&revision=35377
More Information

Updated: 2019-03-26 11:50:48 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)