vendor:
Google Apps
by:
nine:situations:group::pyrokinesis
7.5
CVSS
HIGH
Cross-Browser Remote Command Execution
CWE
Product Name: Google Apps
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Internet Explorer 8 (Windows XP SP3), Internet Explorer 7 (Windows XP SP3), Google Chrome 2.0.172.43
google apps googleapps.url.mailto:// uri handler cross-browser remote command execution exploit (Internet Explorer)
The exploit takes advantage of the vulnerable googleapps.url.mailto:// URI handler in Internet Explorer. By injecting the '--domain=' switch for the googleapps.exe executable, arbitrary switches can be passed to the Google Chrome chrome.exe executable, allowing the execution of arbitrary commands or batch files from the local system or a remote network share.
Mitigation:
To mitigate this vulnerability, it is recommended to update Internet Explorer and Google Chrome to the latest versions. Additionally, users should exercise caution when clicking on unknown or suspicious links.