CVE

Id
37112  
CVE No.
CVE-2008-6995  
Status
Candidate  
Description
Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated using an "about:%" URI.  
Phase
Assigned (20090817)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
403268 37112 CVE-2008-6995 BUGTRAQ:20080902 Google Chrome Browser (ver.0.2.149.27) Vulnerability  View
403269 37112 CVE-2008-6995 URL:http://archives.neohapsis.com/archives/bugtraq/2008-09/0028.html  View
403270 37112 CVE-2008-6995 MILW0RM:6353  View
403271 37112 CVE-2008-6995 URL:http://www.milw0rm.com/exploits/6353  View
403272 37112 CVE-2008-6995 MISC:http://evilfingers.com/advisory/google_chrome_poc.php  View
403273 37112 CVE-2008-6995 MISC:https://www.evilfingers.com/advisory/Google_Chrome_Browser_0.2.149.27_in_chrome_dll.php  View
403274 37112 CVE-2008-6995 CONFIRM:http://code.google.com/p/chromium/issues/detail?id=122  View
403275 37112 CVE-2008-6995 CONFIRM:http://src.chromium.org/viewvc/chrome/branches/chrome_official_branch/src/net/base/escape.cc?r1=1757&r2=1760&pathrev=1760  View
403276 37112 CVE-2008-6995 BID:30983  View
403277 37112 CVE-2008-6995 URL:http://www.securityfocus.com/bid/30983  View
403278 37112 CVE-2008-6995 OSVDB:47908  View
403279 37112 CVE-2008-6995 URL:http://osvdb.org/47908  View
403280 37112 CVE-2008-6995 XF:google-chrome-handlers-dos(44899)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44653 JVNDB-2009-005660 phpAuction における設定情報を取得される脆弱性 phpAuction には、設定情報を取得される脆弱性が存在します。 CVE-2008-6999 37112 5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005660.html  View