Vulnerabilities > CVE-2008-6996 - Unspecified vulnerability in Google Chrome 0.2.149.27
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN google
exploit available
Summary
Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask where to save each file before downloading" setting.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Google Chrome Browser 0.2.149.27 Automatic File Download Exploit. CVE-2008-6996. Remote exploit for windows platform |
| file | exploits/windows/remote/6355.txt |
| id | EDB-ID:6355 |
| last seen | 2016-02-01 |
| modified | 2008-09-03 |
| platform | windows |
| port | |
| published | 2008-09-03 |
| reporter | nerex |
| source | https://www.exploit-db.com/download/6355/ |
| title | Google Chrome Browser 0.2.149.27 Automatic File Download Exploit |
| type | remote |
References
- http://codereview.chromium.org/472/diff/1/2
- http://codereview.chromium.org/472/diff/1/2
- http://src.chromium.org/viewvc/chrome?view=rev&revision=1793
- http://src.chromium.org/viewvc/chrome?view=rev&revision=1793
- http://www.osvdb.org/48261
- http://www.osvdb.org/48261
- http://www.securityfocus.com/archive/1/495942/100/0/threaded
- http://www.securityfocus.com/archive/1/495942/100/0/threaded
- http://www.securityfocus.com/archive/1/495951/100/100/threaded
- http://www.securityfocus.com/archive/1/495951/100/100/threaded
- http://www.securityfocus.com/archive/1/495954/100/100/threaded
- http://www.securityfocus.com/archive/1/495954/100/100/threaded
- http://www.securityfocus.com/archive/1/495959/100/100/threaded
- http://www.securityfocus.com/archive/1/495959/100/100/threaded
- http://www.securityfocus.com/archive/1/495987/100/0/threaded
- http://www.securityfocus.com/archive/1/495987/100/0/threaded
- http://www.securityfocus.com/archive/1/496048/100/100/threaded
- http://www.securityfocus.com/archive/1/496048/100/100/threaded
- http://www.securityfocus.com/archive/1/496049
- http://www.securityfocus.com/archive/1/496049
- http://www.securityfocus.com/bid/31000
- http://www.securityfocus.com/bid/31000
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44904
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44904
- https://www.exploit-db.com/exploits/6355
- https://www.exploit-db.com/exploits/6355