Vulnerability Details : CVE-2008-6994
Potential exploit
Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. NOTE: it might be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header.
Vulnerability category: OverflowExecute code
Products affected by CVE-2008-6994
- cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-6994
19.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-6994
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2008-6994
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-6994
-
http://www.securityfocus.com/archive/1/496042/100/0/threaded
-
https://www.exploit-db.com/exploits/6367
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44935
-
http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-googles-chrome-599
Exploit
-
http://code.google.com/p/chromium/issues/detail?id=1414
-
http://securitytracker.com/id?1020823
Exploit
-
http://www.securityfocus.com/bid/31029
Exploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44939
-
http://www.securityfocus.com/bid/31031
Exploit
-
http://src.chromium.org/viewvc/chrome/branches/chrome_official_branch/src/chrome/common/win_util.cc?r1=1757&r2=1766&pathrev=1766
Exploit
-
http://security.bkis.vn/?p=119
Exploit
-
http://osvdb.org/48259
-
https://www.exploit-db.com/exploits/6365
Jump to