Google Chrome - Javascript Execution Via Default Search Engines

[metalkey net <6d3374346c6b33 () gmail com>]

Google Chrome allows execution of Javascript via the Default Search Engines
feature.
An exploit can be created to take advantage of this issue by manipulating
the master_preferences file on a victim's machine.

Video Example:
https://www.youtube.com/watch?v=WoF-LkA6fMk

Walkthrough:
https://m3t4lk3y.wordpress.com/category/google-chrome-search-poison/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/