Tuesday, April 28, 2009

Google Chrome "throw exception" Memory Exhaustion Vulnerability.

The Google chrome browser is vulnerable to memory exhaustion based denial of service which can be triggered remotely.The vulnerability is a result of arbitrary shell code which is rendered in a script tag with an exception that is raised directly with throw statement. It makes the browser to consume memory thereby impacting the focused window and leads to crash. The impact can be stringent based on different systems.

Read More

- EF

No comments: