Webmaster Forum

09-09-2008, 03:44 PM
minstrel
Google patches critical Chrome code execution flaws

Google patches ‘critical’ Chrome code execution flaws
by Ryan Naraine
September 8th, 2008

Quote:
The first security patch for Google’s new Chrome browser is out, fixing at least two “critical” vulnerabilities that put Windows users at risk of code execution attacks.

The patch, which is rolled out automatically via Chrome’s auto-update feature, also addresses two additional security vulnerabilities — the carpet-bombing issue and a denial-of-service flaw that could lead to browser crashes and data loss.

From the release notes:
  • Fixes a buffer overflow vulnerability in handling long filenames that display in the “Save As” dialog. This is a critical risk that could lead to execution of arbitrary code. See here for fix details.
  • Fixes a buffer overflow vulnerability in handling link targets displayed in the status area when the user hovers over a link. This is a critical risk that could lead to execution of arbitrary code. The issue was reported privately to Google. Fix details here.
  • Fixes an out of bounds memory read when parsing URLs ending with :%. This is a low risk that can be used to crash the entire browser, possibly causing loss of data in the current session. Fix information here.
  • The update also changes the default Downloads directory if it is set to Desktop to ensure that Desktop cannot be the default. This mitigates the risk of malicious cluttering of the desktop (aka carpet bombing) with unwanted downloads, which can lead to executing unwanted files.
Curiously, the user agent for the fully patched version of Chrome (version 0.2.149.29) is still showing WebKit 525.13 (Safari 3.1), meaning that Aviv Raff’s two-click PC takeover vulnerability is still unpatched.

I just tested Raff’s proof-of-concept that combines two flaws — one in Safari and one in Java — and was still able to execute code without warning. Strange.
 