English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.900214
Category:Denial of Service
Title:Google Chrome < 0.2.149.29 Multiple Vulnerabilities
Summary:Google Chrome is prone to multiple vulnerabilities.
Description:Summary:
Google Chrome is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- the Browser failing to handle specially crafted HTML img tags, certain
user-supplied data, HTTP view-source headers, and HTML href tags.

- the Browser allows users to download arbitrary files without confirmation.

- the Browser fails to perform adequate validation on user supplied data.

Vulnerability Impact:
A remote user could cause Denial of Service conditions or can execute arbitrary
code by convincing the users to visit a malicious website.

Affected Software/OS:
Google Chrome version 0.2.149.27 and prior.

Solution:
Update to version 0.2.149.29 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-6994
BugTraq ID: 31029
http://www.securityfocus.com/bid/31029
BugTraq ID: 31031
http://www.securityfocus.com/bid/31031
Bugtraq: 20080905 Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/496042/100/0/threaded
https://www.exploit-db.com/exploits/6365
https://www.exploit-db.com/exploits/6367
http://security.bkis.vn/?p=119
http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-googles-chrome-599
http://osvdb.org/48259
http://securitytracker.com/id?1020823
XForce ISS Database: google-chrome-filename-dos(44939)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44939
XForce ISS Database: googlechrome-saveas-bo(44935)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44935
Common Vulnerability Exposure (CVE) ID: CVE-2008-6995
BugTraq ID: 30983
http://www.securityfocus.com/bid/30983
Bugtraq: 20080902 Google Chrome Browser (ver.0.2.149.27) Vulnerability (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2008-09/0028.html
https://www.exploit-db.com/exploits/6353
http://evilfingers.com/advisory/google_chrome_poc.php
https://www.evilfingers.com/advisory/Google_Chrome_Browser_0.2.149.27_in_chrome_dll.php
http://osvdb.org/47908
XForce ISS Database: google-chrome-handlers-dos(44899)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44899
Common Vulnerability Exposure (CVE) ID: CVE-2008-6996
BugTraq ID: 31000
http://www.securityfocus.com/bid/31000
Bugtraq: 20080902 Google Chrome Automatic File Download (Google Search)
http://www.securityfocus.com/archive/1/495942/100/0/threaded
Bugtraq: 20080903 RE: Google Chrome Automatic File Download (Google Search)
http://www.securityfocus.com/archive/1/495959/100/100/threaded
Bugtraq: 20080903 RES: Google Chrome Automatic File Download (Google Search)
http://www.securityfocus.com/archive/1/495951/100/100/threaded
Bugtraq: 20080904 Re: Google Chrome Automatic File Download (Google Search)
http://www.securityfocus.com/archive/1/495954/100/100/threaded
http://www.securityfocus.com/archive/1/495987/100/0/threaded
Bugtraq: 20080906 Google Chrome Auto download exploit .. (Google Search)
http://www.securityfocus.com/archive/1/496049
Bugtraq: 20080906 Re: RES: Google Chrome Automatic File Download (Google Search)
http://www.securityfocus.com/archive/1/496048/100/100/threaded
https://www.exploit-db.com/exploits/6355
http://www.osvdb.org/48261
XForce ISS Database: googlechrome-file-download(44904)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44904
Common Vulnerability Exposure (CVE) ID: CVE-2008-6997
BugTraq ID: 31038
http://www.securityfocus.com/bid/31038
https://www.exploit-db.com/exploits/6386
http://badzmanaois.blogspot.com/2008/09/google-chrome-inspect-element-denial-of.html
http://osvdb.org/48260
XForce ISS Database: google-chrome-inspectelement-dos(44941)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44941
Common Vulnerability Exposure (CVE) ID: CVE-2008-6998
BugTraq ID: 31034
http://www.securityfocus.com/bid/31034
BugTraq ID: 31071
http://www.securityfocus.com/bid/31071
https://www.exploit-db.com/exploits/6372
http://shinnok.evonet.ro/vulns_html/chrome.html
http://osvdb.org/48264
XForce ISS Database: google-chrome-href-dos(44934)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44934
XForce ISS Database: google-chrome-urlelider-bo(45032)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45032
CopyrightCopyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.