Full Disclosure mailing list archives
Re: Google Chrome Browser Vulnerability
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Tue, 2 Sep 2008 20:13:40 -0400
Holy crap, a crash bug in a beta browser! Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Rishi Narang Sent: Tuesday, September 02, 2008 7:51 PM To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Google Chrome Browser Vulnerability Hi, --------------------------------------------------- Software: Google Chrome Browser 0.2.149.27 Tested: Windows XP Professional SP3 Result: Google Chrome Crashes with All Tabs Problem: An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window "Whoa! Google Chrome has crashed. Restart now?". It fails in dealing with the POP EBP instruction when pointed out by the EIP register at 0x01002FF4. Proof of Concept: http://evilfingers.com/advisory/google_chrome_poc.php Credit: Rishi Narang (psy.echo) www.greyhat.in www.evilfingers.com --------------------------------------------------- -- Thanks & Regards, Rishi Narang | Security Researcher Founder, GREYHAT Insight Key: 0x8D67A3A3 (www.greyhat.in/key.asc) www.greyhat.in ... eschew obfuscation, espouse elucidation. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Google Chrome Browser Vulnerability Rishi Narang (Sep 02)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 02)
- Re: Google Chrome Browser Vulnerability Larry Seltzer (Sep 02)
- Re: Google Chrome Browser Vulnerability Rishi Narang (Sep 02)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 02)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 02)
- Re: Google Chrome Browser Vulnerability silky (Sep 02)
- Re: Google Chrome Browser Vulnerability Jardel Weyrich (Sep 02)
- Re: Google Chrome Browser Vulnerability silky (Sep 02)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 02)
- Re: Google Chrome Browser Vulnerability Giancarlo Razzolini (Sep 02)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 02)
- Re: Google Chrome Browser Vulnerability Urlan (Sep 02)
- Re: Google Chrome Browser Vulnerability Rishi Narang (Sep 02)