OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
DoS vulnerability in Google Chrome

From: MustLive (mustlivewebsecurity.com.ua)
Date: Sun Aug 23 2009 - 10:21:23 CDT


Hello Bugtraq!

I want to warn you about Denial of Service vulnerability in Google Chrome.

This vulnerability I found already at 26.12.2008. Attack belongs to type of
blocking DoS and DoS via resources consumption
(http://websecurity.com.ua/2550/).

DoS:

http://websecurity.com.ua/uploads/2009/Google%20Chrome%20DoS%20Exploit.html

http://websecurity.com.ua/uploads/2009/Google%20Chrome%20DoS%20Exploit2.html

With the first exploit Chrome blocks. With the second exploit Chrome blocks,
at that consumes CPU resources.

Vulnerable version is Google Chrome 1.0.154.48 and previous versions (and
potentially next versions too).

I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3435/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua