mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-01 11:10:36 +00:00
1.0 KiB
1.0 KiB
CVE-2008-6994
Description
Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. NOTE: it might be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header.
POC
Reference
- http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-googles-chrome-599
- https://www.exploit-db.com/exploits/6365
- https://www.exploit-db.com/exploits/6367
Github
No PoCs found on GitHub currently.