EvilFingers: Google Chrome MetaCharacter URI Obfuscation Vulnerability.

Tuesday, November 25, 2008

Google Chrome's latest vulnerability on MetaCharacter URI Obfuscation, released by Aditya K Sood reached the media today.

This is EvilFinger's 5th Vulnerability finding on Google Chrome (3 in Sep 2008, 1 in Oct 2008 and 1 in Nov 2008).

Nov 24, 2008 Google Chrome MetaCharacter URI Obfuscation Vulnerability

Oct 20, 2008 Google Chrome OnbeforeUload and OnUnload Null Check Vuln

Sep 27, 2008 Google Chrome Window Object Suppressing Remote DoS

Sep 23, 2008 Google Chrome Carriage Return Null Obj. Memory Exhaustion Remote DoS

Sep 2, 2008 Google Chrome Browser 0.2.149.27 in chrome.dll

The latest finding was released on 24th Nov 2008 after the security update that fixed URL spoofing flaw that was aimed at pop-ups.

Some websites that listed the latest flaw:
http://www.milw0rm.com/exploits/7226

http://www.securiteam.com/windowsntfocus/6L00O1FN5S.html

http://novirusthanks.org/blog/?p=331

For more details contact us.

- EF

About Us

Evilfingers is a collection of individuals devoted to raising the bar in the field of information security. Evilfingers blog is offered to the greater information security community to help our colleagues analyze threats and to find solutions.

RootkitAnalytics is a web portal to educate and protect our users from the current day rootkits around the world. Check out our Tweets to stay posted on what's happening at our end.

ISJobs is our InfoSec job portal/blog, where we list the new job openings to help our community. Help yourself to find a job by vising our blogs regularly.

Tuesday, November 25, 2008

Google Chrome MetaCharacter URI Obfuscation Vulnerability.

No comments:

About Us

FireEye Malware Intelligence Lab

S!Ri.URZ - Crimeware Blog

M86 Security TRACE News

Search This Blog

Blog Archive

Our Followers

Books we like...

Technology Partners - Malware Intelligence

Bugspy.net - Our New Technology Partner

BugSpy.net - Exploitable bugs detector