1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Google Chrome Carriage Return DoS

HTTP Google Chrome Carriage Return DoS

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects a vulnerability in the Google Chrome which may result in a denial-of-service.

Additional Information

Google Chrome is a web browser.

The application is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input. An attacker can trigger this issue by enticing an unsuspecting user into visiting a malicious web page that contains carriage-return characters (\r\n\r\n) as arguments to a 'window.open()' function.

Attackers can exploit this issue to make the application unresponsive, denying service to legitimate users.

Affected

  • Google Chrome 0.2.149.29 and 0.2.149.30 are vulnerable; other versions may also be affected.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube