Security firm spots Chrome 'SaveAs' flaw
Bach Khoa Internet Security of Vietnam reports that the new Google browser is susceptible to a critical buffer-overflow flaw.
It's been only a few days since Google released its Chrome browser, and security researchers are still digging into the software in search of the first few flaws.
A company in Vietnam has turned up the latest vulnerability in Chrome, according to a story posted to Information Week's Web site. Bach Khoa Internet Security says that the Chrome 0.2.149.27 release is susceptible to a critical buffer-overflow flaw, which could allow a remote attacker to take control of a PC. BKIS says it has reported the vulnerability to Google.
Here's how BKIS describes the vulnerability and how it could be exploited:
The vulnerability is caused due to a boundary error when handling the "SaveAs" function. On saving a malicious page with an overly long title (title tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users' systems.
To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code. He then tricks users into visiting his Website and convinces them to save this Page. Right after that, the code would be executed, giving him the privilege to make use of the affected system.
Earlier this week, security researcher Rishi Narang reported a flaw related to how Chrome, still in beta, behaves with undefined handlers, while another researcher, Aviv Raff, developed a proof-of-concept demo that showed Chrome could be hit with a carpet-bombing flaw.