Endpoint Vulnerability

Security Vulnerability CVE-2015-1248 for Google Chrome

Description

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL.

Affected Products

Google Chrome

References

CVE-2015-1248,