Back to search
CVE-2008-6996
Published: Aug 18, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask where to save each file before downloading" setting.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31000
vdb-entry
x_refsource_BID
20080904 Re: Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
http://codereview.chromium.org/472/diff/1/2
x_refsource_CONFIRM
20080902 Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
20080903 RES: Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
20080903 RE: Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
48261
vdb-entry
x_refsource_OSVDB
20080903 Re: Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
6355
exploit
x_refsource_EXPLOIT-DB
20080906 Google Chrome Auto download exploit ..
mailing-list
x_refsource_BUGTRAQ
googlechrome-file-download(44904)
vdb-entry
x_refsource_XF
http://src.chromium.org/viewvc/chrome?view=rev&revision=1793
x_refsource_CONFIRM
20080906 Re: RES: Google Chrome Automatic File Download
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now