Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 02:03
Type | Values Removed | Values Added |
---|---|---|
Summary | Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission. |
Information
Published : 2008-12-29 15:24
Updated : 2024-04-11 00:44
NVD link : CVE-2008-5749
Mitre link : CVE-2008-5749
CVE.ORG link : CVE-2008-5749
JSON object : View
Products Affected
- chrome
microsoft
- windows_xp
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')