Google Chrome Break

2008.11.13
Credit: Liu Die Yu
Risk: Low
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

Address spoofing. Already patched. It's in the news last month. Just a reminder, XCON'08 is coming in a week - check http://xcon.xfocus.org/ greetz to drewcopley, drorshalev, zwell, liuyuer, lqa21, and, of course all_at_topsec ---------- http://liudieyu.com/kissofthedragon.32168816196486005/ To be viewed with Google Chrome Last tested Wednesday, October 29, 2008 at 9:53:18 AM (time zone: UTC/GMT +8 hours) Up-to-date Google Chrome (version: 0.2.149.30) Contents Address spoofing. 1. Address is displayed "bbb.org". 2. Contents are not from bbb.org(contents are manipulated). http://twitter.com/liudieyu Google Chrome is still "virgin" - Right now only had a bunch of D.o.S, and, a buffer overrun if user saves the attacker's webpage.

References:

http://seclists.org/bugtraq/2008/Nov/0077.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top