Bugtraq mailing list archives

DoS vulnerability in Google Chrome

From: "MustLive" <mustlive () websecurity com ua>
Date: Sun, 23 Aug 2009 18:21:23 +0300

Hello Bugtraq!

I want to warn you about Denial of Service vulnerability in Google Chrome.

This vulnerability I found already at 26.12.2008. Attack belongs to type ofblocking DoS and DoS via resources consumption(http://websecurity.com.ua/2550/).


DoS:

http://websecurity.com.ua/uploads/2009/Google%20Chrome%20DoS%20Exploit.html

http://websecurity.com.ua/uploads/2009/Google%20Chrome%20DoS%20Exploit2.html

With the first exploit Chrome blocks. With the second exploit Chrome blocks,at that consumes CPU resources.

Vulnerable version is Google Chrome 1.0.154.48 and previous versions (andpotentially next versions too).

I mentioned about this vulnerability at my site(http://websecurity.com.ua/3435/).


Best wishes & regards,
MustLive
Administrator of Websecurity web site

http://websecurity.com.ua

Current thread:

DoS vulnerability in Google Chrome MustLive (Aug 24)
- <Possible follow-ups>
- RE: DoS vulnerability in Google Chrome advisories (Aug 25)
  - Re: DoS vulnerability in Google Chrome MustLive (Aug 25)
- Re: DoS vulnerability in Google Chrome advisories (Aug 26)