QwikSec

Security Database

CVE

CWE

Training

CVE-2008-7061

Published: Aug 24, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. NOTE: there is inconsistent information about the environments under which this issue exists.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20080908 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

20080909 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

20080910 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

20080908 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

google-chrome-titletag-dos(45039)

vdb-entry

x_refsource_XF

20080908 Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

20080909 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

20080908 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

http://googlechromereleases.blogspot.com/2008/09/beta-release-0214930.html

x_refsource_CONFIRM

http://src.chromium.org/viewvc/chrome/trunk/src/chrome/views/tooltip_manager.cc?r1=1287&r2=2042&pathrev=2042

x_refsource_MISC

20080909 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html

x_refsource_MISC

http://src.chromium.org/viewvc/chrome?view=rev&revision=2042

x_refsource_CONFIRM

20080908 Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit

mailing-list

x_refsource_BUGTRAQ

http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/render_widget_host_hwnd.cc?r1=1287&r2=2042&pathrev=2042

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.