Vulnerabilities > CVE-2008-7061 - Resource Management Errors vulnerability in Google Chrome 0.2.149.29
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. NOTE: there is inconsistent information about the environments under which this issue exists.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Google Chrome 0.2.149 Malformed 'title' Tag Remote Denial of Service Vulnerability. CVE-2008-7061. Dos exploits for multiple platform |
| id | EDB-ID:32311 |
| last seen | 2016-02-03 |
| modified | 2008-09-02 |
| published | 2008-09-02 |
| reporter | Exodus |
| source | https://www.exploit-db.com/download/32311/ |
| title | Google Chrome 0.2.149 - Malformed 'title' Tag Remote Denial of Service Vulnerability |
References
- http://googlechromereleases.blogspot.com/2008/09/beta-release-0214930.html
- http://googlechromereleases.blogspot.com/2008/09/beta-release-0214930.html
- http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/render_widget_host_hwnd.cc?r1=1287&r2=2042&pathrev=2042
- http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/render_widget_host_hwnd.cc?r1=1287&r2=2042&pathrev=2042
- http://src.chromium.org/viewvc/chrome/trunk/src/chrome/views/tooltip_manager.cc?r1=1287&r2=2042&pathrev=2042
- http://src.chromium.org/viewvc/chrome/trunk/src/chrome/views/tooltip_manager.cc?r1=1287&r2=2042&pathrev=2042
- http://src.chromium.org/viewvc/chrome?view=rev&revision=2042
- http://src.chromium.org/viewvc/chrome?view=rev&revision=2042
- http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html
- http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html
- http://www.securityfocus.com/archive/1/496078/100/0/threaded
- http://www.securityfocus.com/archive/1/496078/100/0/threaded
- http://www.securityfocus.com/archive/1/496094/100/0/threaded
- http://www.securityfocus.com/archive/1/496094/100/0/threaded
- http://www.securityfocus.com/archive/1/496101/100/0/threaded
- http://www.securityfocus.com/archive/1/496101/100/0/threaded
- http://www.securityfocus.com/archive/1/496126/100/0/threaded
- http://www.securityfocus.com/archive/1/496126/100/0/threaded
- http://www.securityfocus.com/archive/1/496138/100/0/threaded
- http://www.securityfocus.com/archive/1/496138/100/0/threaded
- http://www.securityfocus.com/archive/1/496145/100/0/threaded
- http://www.securityfocus.com/archive/1/496145/100/0/threaded
- http://www.securityfocus.com/archive/1/496146/100/0/threaded
- http://www.securityfocus.com/archive/1/496146/100/0/threaded
- http://www.securityfocus.com/archive/1/496151/100/0/threaded
- http://www.securityfocus.com/archive/1/496151/100/0/threaded
- http://www.securityfocus.com/archive/1/496172/100/100/threaded
- http://www.securityfocus.com/archive/1/496172/100/100/threaded
- http://www.securityfocus.com/bid/30975
- http://www.securityfocus.com/bid/30975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45039
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45039