Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > other security issues & news
Reload this Page Google Chrome binary planting vulnerability
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old October 23rd, 2011, 09:14 AM
MrBrian MrBrian is offline
Very Frequent Poster
  
Join Date: Feb 2008
Posts: 2,925
Default Google Chrome binary planting vulnerability
From http://secunia.com/advisories/46471/:
Quote:
A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application bundling a vulnerable version of the NSS library.
  #2  
Old October 23rd, 2011, 09:22 AM
funkydude's Avatar
funkydude funkydude is offline
Massive Poster
  
Join Date: Apr 2004
Posts: 5,997
Default Re: Google Chrome binary planting vulnerability
I like the solution!

Quote:
Solution
Do not open files from untrusted sources.
__________________
OpenDNS with DNSCrypt

SSD: Windows 8 Pro x64 | IE10 (Enhanced Protected Mode) & Fanboy's TPLs
HDD: Xubuntu 12.04 LTS (x64) | Firefox: ABP(Fanboy's list) & HTTPS Everywhere
  #3  
Old October 23rd, 2011, 10:19 AM
m00nbl00d m00nbl00d is offline
Incredibly Massive Poster
  
Join Date: Jan 2009
Posts: 6,454
Default Re: Google Chrome binary planting vulnerability
Well, considering that most Google Chrome users are probably using Google has their search engine, and it now opens in https, then they are not at danger.

Any other https works fine, as well.

Quote:
Because of the "first HTTPS connection" requirement, this attack can't
work if user's default search engine is Google, as this triggers an
HTTPS connection upon Chrome startup. (Which results in an attempt to
load pkcs11.txt from "C:\".)

Source: -https://code.google.com/p/chromium/issues/detail?id=97426
 

Wilders Security Forums > Other Security Topics > other security issues & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 02:59 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums