NuytsTech Security

CVE-2008-5749

by ·

** DISPUTED **

Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the –renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission."

Date published : 2008-12-29

http://www.securityfocus.com/bid/32997

http://www.securityfocus.com/archive/1/499570/100/0/threaded

Tags: