PoC Code is in Attach file because this file is saved in 'Unicode' type for exploit.
Here is Description for this Vuln :
· Type of Issue : Buffer Overflow.
· Affected Software : Google Chrome 0.2.149.27.
· Exploitation Environment : Google Chrome (Language: Vietnamese) on Windows XP SP2.
· Impact: Remote code execution.
· Rating : Critical .
· Description :
The vulnerability is caused due to a boundary error when handling the “SaveAs” function. On saving
a malicious page with an overly long title (<title> tag in HTML), the program causes a stack-based overflow and makes
it possible for attackers to execute arbitrary code on users’ systems.
· How an attacker could exploit the issue :
To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code.
He then tricks users into visiting his Website and convinces them to save this Page. Right after that, the code would
be executed, giving him the privilege to make use of the affected system.
· Discoverer : Le Duc Anh - SVRT - Bkis
· About SVRT :
SVRT, which is short for Security Vulnerability Research Team, is one of Bkis researching groups. SVRT specializes
in the detection, alert and announcement of security vulnerabilities in software, operating systems, network protocols
and embedded systems…
· Website : security.bkis.vn
· Mail : svrt[at]bkav.com.vn
http://milw0rm.com/sploits/2008-chrome.tgz
# milw0rm.com [2008-09-05]
lunes, 8 de septiembre de 2008
Google Chrome Browser 0.2.149.27 (SaveAs) Remote BOF Exploit
Suscribirse a:
Comentarios de la entrada (Atom)
Páginas
Etiquetas
INTERNET
(459)
newsweek
(305)
SEGURIDAD
(224)
software
(136)
HACK
(86)
GOOGLE
(47)
Hacker
(46)
Geek
(41)
hardware
(36)
WINDOWS
(34)
Hackers
(31)
CRACK
(29)
facebook
(29)
video
(28)
DESCARGA
(27)
videos
(26)
Celulares
(25)
MICROSOFT
(22)
Informatica
(21)
apple
(19)
GRATIS
(18)
technology
(18)
virus
(18)
exploit
(17)
computación
(16)
informatico
(16)
web
(15)
cracker
(14)
INALAMBRICO
(13)
WINDOWS 7
(13)
noticias
(11)
MSN
(10)
termino
(10)
ACTUALIZACION
(9)
Gamer
(9)
LapTops
(9)
Mac
(9)
PASSWORD
(9)
WINDOWS XP
(9)
dns
(9)
firefox
(9)
juegos
(9)
FOTOS
(8)
cientifico
(8)
iphone
(8)
WEP
(7)
antivirus
(7)
bibliografia
(7)
Desencriptar
(6)
INFINITUM
(6)
wifi
(6)
youtube
(6)
Craker
(5)
Culiacan
(5)
DESMOSTRACION
(5)
TELEFONIA
(5)
gmail
(5)
messenger
(5)
DIRECTA
(4)
DOWNLOAD
(4)
ESPAÑOL
(4)
XBOX
(4)
xss
(4)
Glosario
(3)
HTML
(3)
WPA
(3)
anuncios
(3)
ataques
(3)
hosting
(3)
hotmail
(3)
Guru
(2)
ajax
(2)
wpa2
(2)
No hay comentarios.:
Publicar un comentario
Déjanos tu comentario, nos permitirá mejorar.
¿Qué opinas de este tema?
¿Tienes alguna duda o sugerencia?
¿Te parece adecuado y completo este tema?
¿Falta información? ¿Cual?