SECUNIA ADVISORY ID: SA33800
VERIFY ADVISORY: http://secunia.com/advisories/33800/
CRITICAL: Highly critical
IMPACT: System access
SOFTWARE: Google Chrome 1.x - http://secunia.com/advisories/product/20760/
DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to the application registering itself as a handler for certain URIs in an improper way. This can be exploited to inject arbitrary command line arguments and potentially execute arbitrary commands by tricking the user into clicking a specially crafted link in a different browser. The vulnerability is reported in versions prior to 1.0.154.48. This is related to: SA25984
SOLUTION: Update to version 1.0.154.48.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/release1015448
OTHER REFERENCES: SA25984: http://secunia.com/advisories/25984/
Google Chrome URI Handler Registration VulnerabilityPosted on Monday, February 09, 2009 @ 18:21:28 UTC in Security |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
