DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 11, 2016 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 71 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

First two Google Chrome vulnerabilities found

Posted on Wednesday, September 03 2008 @ 21:26:33 CEST by


Google Chrome has only been available for 24 hours or so and security researchers have already found a couple of flaws in the browser. The Tech Report writes Chrome suffers from an old WebKit vulnerability that could be used to spread malware:
Raff has put up a proof-of-concept demo showcasing the vulnerability. The demo causes Firefox to display a prompt asking the user to download a Java JAR file, but in Chrome, the file downloads automatically to the user's desktop. With a little social engineering (a red arrow pointing to the file in Chrome's download toolbar), users could unknowingly execute the Java app. The app is a simple text editor in Raff's case, but malicious coders could easily use the flaw to plant malware on users' systems.
Another security researcher found a flaw that can crash all tabs in Google Chrome. Kinda ironic, isn't it?
An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window "Whoa! Google Chrome has crashed. Restart now?". It crashes on "int 3" at 0x01002FF3 as an exception/trap, followed by "POP EBP" instruction when pointed out by the EIP register at 0x01002FF4.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2016 DM Media Group bvba