Info

Disclosure

Dec 13, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 13, 2011

Description

Google Chrome contains a flaw in the 'PrerenderContents::StartPrerendering' function in prerender/prerender_contents.cc that is triggered when handling site redirects using the 'view-source' URI scheme. With a specially crafted web page, a context-dependent attacker can spoof the URL bar.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Web Related

Solution

Upgrade to version 16.0.912.63 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Google, Inc.

Chrome

15.0.874.121

References

OVAL ID: 14299
CVE ID: 2011-3907 (see also: NVD)
Secunia Advisory ID: 47231 47445
Related OSVDB ID: 77706 77707 77708 77710 77711 77712 77713 77714 77715 77716 77717 77718 77719 77720
Other Advisory URL: http://blog.acrossecurity.com/2012/01/google-chrome-https-address-bar.html
Vendor Specific News/Changelog Entry: http://code.google.com/p/chromium/issues/detail?id=99016
http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html
http://security.gentoo.org/glsa/glsa-201201-03.xml
Mail List Post: http://seclists.org/bugtraq/2012/Jan/19

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/77709