漏洞信息详情
Google CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome Malformed 工具提示管理器 资源管理错误漏洞
- CNNVD编号:CNNVD-200908-374
- 危害等级: 中危
- CVE编号: CVE-2008-7061
- 漏洞类型: 资源管理错误
- 发布时间: 2009-08-24
- 威胁类型: 远程
- 更新时间: 2009-08-25
- 厂 商: Google
- 漏洞来源: Exodus
漏洞简介
Google CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome 0.2.149.29 Build 1798以及可能0.2.149.30之前的其他版本中的工具提示管理器(CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome/views/tooltip_manager.cc)存在资源管理错误漏洞。远程攻击者可以借助一个带有长标题属性的标签,导致拒绝服务攻击(CPU耗竭或崩溃)。当显示一个工具提示时,该属性没有得到正确的处理。此漏洞不同于CVE-2008-6994。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: http://GoogleCMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chromereleases.blogspot.com/2008/09/beta-release-0214930.HTML
参考网址
来源: MISC 链接:http://src.chromium.org/viewvc/CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome/trunk/src/CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome/views/tooltip_manager.cc?r1=1287&r2=2042&pathrev=2042 来源: MISC 链接:http://src.chromium.org/viewvc/CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome/trunk/src/CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome/browser/render_widget_host_hwnd.cc?r1=1287&r2=2042&pathrev=2042 来源: XF 名称: Google-CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome-titletag-dos(45039) 链接:http://xforce.iss.net/xforce/xfdb/45039 来源: BID 名称: 30975 链接:http://www.securityfocus.com/bid/30975 来源: BUGTRAQ 名称: 20080910 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/archive/1/496172/100/100/threaded 来源: BUGTRAQ 名称: 20080909 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/archive/1/496146/100/0/threaded 来源: BUGTRAQ 名称: 20080908 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/archive/1/496094/100/0/threaded 来源: BUGTRAQ 名称: 20080908 CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/archive/1/496078/100/0/threaded 来源: BUGTRAQ 名称: 20080909 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/496151/100/0/threaded 来源: BUGTRAQ 名称: 20080909 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/496145/100/0/threaded 来源: BUGTRAQ 名称: 20080908 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/496138/100/0/threaded 来源: BUGTRAQ 名称: 20080908 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/496126/100/0/threaded 来源: BUGTRAQ 名称: 20080908 Re: CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit 链接:http://www.securityfocus.com/archive/1/496101/100/0/threaded 来源: src.chromium.org 链接:http://src.chromium.org/viewvc/CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome?view=rev&revision=2042 来源: GoogleCMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chromereleases.blogspot.com 链接:http://GoogleCMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chromereleases.blogspot.com/2008/09/beta-release-0214930.HTML
受影响实体
补丁
暂无
评论