CVE-2008-6994

Published: Aug 19, 2009Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long filename is generated. NOTE: it might be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Version 0.2.149.27

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (26)

http://code.google.com/p/chromium/issues/detail?id=1414

Source: cve@mitre.org

http://osvdb.org/48259

Source: cve@mitre.org

http://security.bkis.vn/?p=119

Source: cve@mitre.org

Exploit

http://securitytracker.com/id?1020823

Source: cve@mitre.org

Exploit

http://src.chromium.org/viewvc/chrome/branches/chrome_official_branch/src/chrome/common/win_util.cc?r1=1757&r2=1766&pathrev=1766

Source: cve@mitre.org

Exploit

http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-googles-chrome-599

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/496042/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/31029

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/31031

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/44935

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/44939

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6365

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6367

Source: cve@mitre.org

http://code.google.com/p/chromium/issues/detail?id=1414

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/48259

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.bkis.vn/?p=119

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://securitytracker.com/id?1020823

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://src.chromium.org/viewvc/chrome/branches/chrome_official_branch/src/chrome/common/win_util.cc?r1=1757&r2=1766&pathrev=1766

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.infoworld.com/d/security-central/critical-vulnerability-patched-in-googles-chrome-599

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/archive/1/496042/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/31029

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/31031

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/44935

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/44939

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/6365

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/6367

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.