Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
[
{
"product": "Google Chrome prior to 59.0.3071.92",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Google Chrome prior to 59.0.3071.92"
}
]
}
]