Google Chrome Browser 0.2.149.27 (SaveAs) Remote BOF Exploit

2008-09-05T00:00:00
ID 1337DAY-ID-9255
Type zdt
Reporter SVRT
Modified 2008-09-05T00:00:00

Description

Exploit for unknown platform in category remote exploits

                                        
                                            ============================================================
Google Chrome Browser 0.2.149.27 (SaveAs) Remote BOF Exploit
============================================================




PoC Code is in Attach file because this file is saved in 'Unicode' type for exploit.

Here is Description for this Vuln :
·          Type of Issue : Buffer Overflow. 
·          Affected Software : Google Chrome 0.2.149.27.      
·          Exploitation Environment : Google Chrome (Language: Vietnamese) on Windows XP SP2.
·          Impact: Remote code execution.
·          Rating : Critical .
·          Description :
The vulnerability is caused due to a boundary error when handling the “SaveAs” function. On saving 
a malicious page with an overly long title (<title> tag in HTML), the program causes a stack-based overflow and makes 
it possible for attackers to execute arbitrary code on users’ systems.
·          How an attacker could exploit the issue :
To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code. 
He then tricks users into visiting his Website and convinces them to save this Page. Right after that, the code would 
be executed, giving him the privilege to make use of the affected system.
·          Discoverer : Le Duc Anh - SVRT - Bkis
·          About SVRT :
SVRT, which is short for Security Vulnerability Research Team, is one of Bkis researching groups. SVRT specializes 
in the detection, alert and announcement of security vulnerabilities in software, operating systems, network protocols 
and embedded systems…


back: http://inj3ct0r.com/sploits/1013.zip



#  0day.today [2018-03-14]  #