gHacks technology news » vulnerabilites http://www.ghacks.net A technology blog covering software, mobile phones, gadgets, security, the Internet and other relevant areas. Thu, 18 Mar 2010 18:01:40 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 More Google Chrome Vulnerabilities emergehttp://www.ghacks.net/2008/09/11/more-google-chrome-vulnerabilities-emerge/ http://www.ghacks.net/2008/09/11/more-google-chrome-vulnerabilities-emerge/#comments Thu, 11 Sep 2008 07:17:24 +0000 Martin http://www.ghacks.net/?p=6925 It has been about a week since the initial release of Google’s long awaited browser which marked Google’s entry into the browser market. The launch created buzz especially on the Internet where blogs and news portals raced to be the first to post interface screenshots, tests and reviews about Google Chrome.

Even the mainstream media picked the story up. It was not uncommon to see radio and tv stations report on the new Google Browser.

Just one day after the release the first security vulnerability emerged and others followed suite.

The latest vulnerabilities emerged yesterday with the releases of proof-of-concept exploits for several Google Chrome vulnerabilities. They were kicked of by Ukrainian researchers who discovered a vulnerability that would download files automatically to the users computer. They published three specifically prepared websites that would download files automatically to the user’s computer.

The second vulnerability is making use of a buffer overflow when saving pages which can result in remote code execution on the target system.

The vulnerability is caused due to a boundary error when handling the “SaveAs” function. On saving a malicious page with an overly long title ( tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users’ systems.</p></blockquote><p>The discovery of the security vulnerabilities poses an interesting question. Why are that many security vulnerabilities discovered? Is it because the Google Chrome browser is more vulnerable than other browsers or could it be because security researchers worldwide started to flock to the browser in hopes of discovering vulnerabilities?</p><p>The Google Chrome team <a href="http://blogs.zdnet.com/security/?p=1858">responded</a> to this vulnerabilities already and promised that a patched version of Google Chrome would be available later today.</p> ]]></content:encoded> <wfw:commentRss>http://www.ghacks.net/2008/09/11/more-google-chrome-vulnerabilities-emerge/feed/</wfw:commentRss> <slash:comments>3</slash:comments> </item> </channel> </rss> <!-- Performance optimized by W3 Total Cache. Learn more: http://www.w3-edge.com/wordpress-plugins/ Minified using disk Page Caching using disk (user agent is rejected) Database Caching 6/13 queries in 0.004 seconds using disk Served from: www.ghacks.net @ 2010-03-18 22:02:30 -->