‘Google Chrome Browser URL Handler Crash’
Published on September 3rd, 2008
‘An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a ‘special’ character, the chrome crashes with a Google Chrome message window ‘Whoa! Google Chrome has crashed. Restart now?’. It crashes on ‘int 3’ at 0x01002FF3 as an exception/trap, followed by ‘POP EBP’ instruction when pointed out by the EIP register at 0x01002FF4.’
‘The information has been provided by Rishi Narang.
The original article can be found at: http://evilfingers.com/advisory/google_chrome_poc.php‘
* Google Chrome Browser version 0.2.149.27
Click for a demo (clicking will cause the browser to crash) HERE.’