NA
CVSSv3

CVE-2008-5749

CVSSv4: NA | CVSSv3: NA | CVSSv2: 6.8 | VMScore: 780 | EPSS: 0.01023 | KEV: Not Included
Published: 29/12/2008 Updated: 21/11/2024

Vulnerability Summary

Argument Injection Vulnerability in Google Chrome on Windows XP SP3

An argument injection vulnerability is present in Google Chrome version 1.0.154.36 on Windows XP SP3. This flaw lets remote attackers execute arbitrary commands using the --renderer-path option within a chromehtml: URI. However, a third party disputes this issue, claiming Chrome "will ask for user permission" and "cannot launch the applet even if you have given out the permission."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome 1.0.154.36

Exploits

<!-- Google Chrome Browser (ChromeHTML://) remote parameter injection POC by Nine:Situations:Group::bellick&strawdog Site: retrogodaltervistaorg/ tested against: Internet Explorer 8 beta 2, Google Chrome 1015436, Microsoft Windows XP SP3 List of command line switches: srcchromiumorg/svn/trunk/src/chrome/common/chrome_swi ...