Vulnerabilities > CVE-2008-6996 - Unspecified vulnerability in Google Chrome 0.2.149.27
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask where to save each file before downloading" setting.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Google Chrome Browser 0.2.149.27 Automatic File Download Exploit. CVE-2008-6996. Remote exploit for windows platform |
| file | exploits/windows/remote/6355.txt |
| id | EDB-ID:6355 |
| last seen | 2016-02-01 |
| modified | 2008-09-03 |
| platform | windows |
| port | |
| published | 2008-09-03 |
| reporter | nerex |
| source | https://www.exploit-db.com/download/6355/ |
| title | Google Chrome Browser 0.2.149.27 Automatic File Download Exploit |
| type | remote |
References
- http://codereview.chromium.org/472/diff/1/2
- http://src.chromium.org/viewvc/chrome?view=rev&revision=1793
- http://www.osvdb.org/48261
- http://www.securityfocus.com/archive/1/495942/100/0/threaded
- http://www.securityfocus.com/archive/1/495951/100/100/threaded
- http://www.securityfocus.com/archive/1/495954/100/100/threaded
- http://www.securityfocus.com/archive/1/495959/100/100/threaded
- http://www.securityfocus.com/archive/1/495987/100/0/threaded
- http://www.securityfocus.com/archive/1/496048/100/100/threaded
- http://www.securityfocus.com/archive/1/496049
- http://www.securityfocus.com/bid/31000
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44904
- https://www.exploit-db.com/exploits/6355