
Google Chrome ‘SaveAs’ Function Buffer Overflow Vulnerability

8 September 2008

Proof of Concept:
Google Chrome 0.2.149.27 on Windows XP SP2 (Open Calculator)
http://security.bkis.vn/Proof-Of-Concept/PoC-XPSP2.html
On Windows versions other than XP SP2:
http://security.bkis.vn/Proof-Of-Concept/PoC-Crash.html
Details:
· Type of Issue: Buffer Overflow.
· Affected Software: Google Chrome 0.2.149.27.
· Exploitation Environment: Google Chrome on Windows XP SP2.
· Impact: Remote code execution.
· Rating: Critical.
· Description:
The vulnerability is caused by a boundary error in the handling of the
"SaveAs" function. When a user saves a malicious page with an overly long title
(<title> tag in HTML), the program overflows a stack-based buffer, which makes
it possible for attackers to execute arbitrary code on users' systems.
· How an attacker could exploit the issue:
To exploit the vulnerability, an attacker might construct a specially crafted
Web page that contains malicious code, then trick users into visiting
the Web site and convince them to save the page. Right after that, the code
would be executed, allowing the attacker to make use of the affected
system.
· Discoverer: Le Duc Anh - SVRT - Bkis
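
The boundary check the description refers to, as an added example (not Chrome's code and not part of the advisory): a C helper that derives a default save-file name from a page title and never writes past the caller's buffer, however long the title is. The function name, the ".htm" extension, the character filter and the buffer sizes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not Chrome's code): build a default "Save As" file
 * name from a page title. Returns 0 on success, 1 if the title was truncated,
 * -1 on bad arguments. Writes at most out_len bytes, NUL included. */
int title_to_save_name(const char *title, char *out, size_t out_len)
{
    static const char ext[] = ".htm";        /* assumed extension */
    static const char fallback[] = "untitled";
    const size_t ext_len = sizeof ext - 1;
    size_t room, n = 0;
    int truncated = 0;

    if (title == NULL || out == NULL || out_len < ext_len + 2)
        return -1;                    /* need 1 name byte + ext + NUL */
    room = out_len - ext_len - 1;     /* bytes left for the name part */

    for (const char *p = title; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (n == room) {              /* bound is checked before each write */
            truncated = 1;
            break;
        }
        /* Control bytes and characters Windows rejects in file names. */
        if (c < 0x20 || strchr("\\/:*?\"<>|", c) != NULL)
            c = '_';
        out[n++] = (char)c;
    }
    if (n == 0) {                     /* empty title: fixed fallback name */
        n = strlen(fallback) < room ? strlen(fallback) : room;
        memcpy(out, fallback, n);
    }
    memcpy(out + n, ext, ext_len + 1);   /* also copies the terminating NUL */
    return truncated;
}

int main(void)
{
    char title[4096], name[64];       /* constructed over-long title */
    memset(title, 'A', sizeof title - 1);
    title[sizeof title - 1] = '\0';
    int rc = title_to_save_name(title, name, sizeof name);
    printf("rc=%d len=%zu\n", rc, strlen(name));
    return 0;
}
```

The truncation return value lets the caller log or reject abnormally long titles instead of silently accepting them.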

 

