DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 20, 2018 
Main Menu
News archives

Who's Online
There are currently 46 people online.


Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller

Follow us

First two Google Chrome vulnerabilities found

Posted on Wednesday, September 03 2008 @ 21:26:33 CEST by

Google Chrome has only been available for 24 hours or so and security researchers have already found a couple of flaws in the browser. The Tech Report writes Chrome suffers from an old WebKit vulnerability that could be used to spread malware:
Raff has put up a proof-of-concept demo showcasing the vulnerability. The demo causes Firefox to display a prompt asking the user to download a Java JAR file, but in Chrome, the file downloads automatically to the user's desktop. With a little social engineering (a red arrow pointing to the file in Chrome's download toolbar), users could unknowingly execute the Java app. The app is a simple text editor in Raff's case, but malicious coders could easily use the flaw to plant malware on users' systems.
Another security researcher found a flaw that can crash all tabs in Google Chrome. Kinda ironic, isn't it?
An issue exists in how chrome behaves with undefined-handlers in chrome.dll version A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window "Whoa! Google Chrome has crashed. Restart now?". It crashes on "int 3" at 0x01002FF3 as an exception/trap, followed by "POP EBP" instruction when pointed out by the EIP register at 0x01002FF4.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba