Google Chrome Argument Injection Vulnerability Network Vulnerability

Summary

This host has installed Google Chrome and is prone to argument injection vulnerability.

Impact

Successful exploitation will allow attacker to execute arbitrary code in the context of the web browser and can compromise the remote system by executing mailcious commands.

Solution

Upgrade to Google Chrome version 4.1.249.1064 or later. For updates refer to http://www.google.com/chrome

Insight

The flaw is due to lack of sanitization check of user supplied input via --renderer-path option in a chromehtml: URI.

Affected

Google Chrome version 1.0.154.36 and prior on Windows

References

http://www.securityfocus.com/archive/1/archive/1/499581/100/0/threaded

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-5749

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
Aardvark Topsites Multiple Vulnerabilities
Apple iTunes Tutorials Window Security Bypass Vulnerability (Mac OS X)
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)
Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)

Take action and discover your vulnerabilities