The flaw was discovered last week by the expert Andris Atteka who filed also a bug report.
“Recently I reported a crash bug in Google Chrome (issue #533361). This issue reminded me of the recent Skype vulnerability – both occur with simple URL strings. So how can you crash Google Chrome? By adding a NULL char in the URL string:
Unfortunately no reward was awarded as this was deemed to be only a DOS vulnerability. Anyway, making secure software is much harder than finding issues in it. Thanks Google.” wrote Andris Atteka.
Experts at The Register published the image of two URLs that could be used to crash Chrome, users can kill their browser just rolling the mouse over them in a page, or launching them from another application such as an email client, or pasting them into the address bar.
The above URLs trigger a breakpoint rather than exploit a buffer overflow vulnerability.
The two URL works on Chrome 45.0.2454.93 on OS X El Capitan and Windows 10 and also Opera 32.0 which is based on Chromium 45 crash. The experts also noticed Chromebooks crashing by managing the URL, meanwhile Android’s Chrome seems to be immune.
%%300
at the end of the URL is converted into %00
(0x30
is the ASCII code for ‘0’. The %%300 becomes this string of characters: the original ‘%’, the converted ‘0’, and the original ‘0’. Combined, that’s ‘%00’.) This sticks a NULL byte at the end of the web address.GURLToDatabaseURL()
which calls ReplaceComponents()
.GURLToDatabaseURL()
which expects the URL to still be valid, and callsspec()
on it.DCHECK
() that causes the software to bail out – even on the release build.The Chromium team is currently working to fix the issue.
(Security Affairs – Chrome, hacking)
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and…
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
This website uses cookies.