27 lines
No EOL
1.6 KiB
Text
27 lines
No EOL
1.6 KiB
Text
PoC Code is in Attach file because this file is saved in 'Unicode' type for exploit.
|
||
|
||
Here is Description for this Vuln :
|
||
· Type of Issue : Buffer Overflow.
|
||
· Affected Software : Google Chrome 0.2.149.27.
|
||
· Exploitation Environment : Google Chrome (Language: Vietnamese) on Windows XP SP2.
|
||
· Impact: Remote code execution.
|
||
· Rating : Critical .
|
||
· Description :
|
||
The vulnerability is caused due to a boundary error when handling the “SaveAs†function. On saving
|
||
a malicious page with an overly long title (<title> tag in HTML), the program causes a stack-based overflow and makes
|
||
it possible for attackers to execute arbitrary code on users’ systems.
|
||
· How an attacker could exploit the issue :
|
||
To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code.
|
||
He then tricks users into visiting his Website and convinces them to save this Page. Right after that, the code would
|
||
be executed, giving him the privilege to make use of the affected system.
|
||
· Discoverer : Le Duc Anh - SVRT - Bkis
|
||
· About SVRT :
|
||
SVRT, which is short for Security Vulnerability Research Team, is one of Bkis researching groups. SVRT specializes
|
||
in the detection, alert and announcement of security vulnerabilities in software, operating systems, network protocols
|
||
and embedded systems…
|
||
· Website : security.bkis.vn
|
||
· Mail : svrt[at]bkav.com.vn
|
||
|
||
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6367.tgz (2008-chrome.tgz)
|
||
|
||
# milw0rm.com [2008-09-05] |