This attack could pose a moderate security threat. It does not require immediate action.
This signature detects a vulnerability in the Google Chrome which may result in a denial-of-service.
Google Chrome is a web browser.
The application is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input. An attacker can trigger this issue by enticing an unsuspecting user into visiting a malicious web page that contains carriage-return characters (\r\n\r\n) as arguments to a 'window.open()' function.
Attackers can exploit this issue to make the application unresponsive, denying service to legitimate users.
- Google Chrome 0.2.149.29 and 0.2.149.30 are vulnerable; other versions may also be affected.