An exploit in chrome has been found. Asof yet it is only proof of concept and noone has actually started using the exploit (however code is available so is easy to do, it is really simple anyway).
The exploit is called milw0rm and allows the browser to download a file with no user interaction.
Unfortunately the only sites I can find with information are hacking sites so I am not going to post any links at this time.
With further investigation there is also a 2nd bug that can be used to crash the browser (of course including all the tags). This bug can be triggered by simply clicking on a malicious link.
If the link has been set right the browser will crash. This was reported to Google yesterday.
To reporduce this bug simply enter the following into the chrome address bar about:%
http://code.google.com/p/chromium/issues/detail?id=122
The exploit is called milw0rm and allows the browser to download a file with no user interaction.
Unfortunately the only sites I can find with information are hacking sites so I am not going to post any links at this time.
With further investigation there is also a 2nd bug that can be used to crash the browser (of course including all the tags). This bug can be triggered by simply clicking on a malicious link.
If the link has been set right the browser will crash. This was reported to Google yesterday.
To reporduce this bug simply enter the following into the chrome address bar about:%
http://code.google.com/p/chromium/issues/detail?id=122
Last edited:
and if it downloads the files without user's interaction it will download god knows what. Making it a High Risk vulnerability.
