Google Chrome 'SaveAs' Function 'Title' Tag Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Google Chrome 'SaveAs' Function 'Title' Tag Buffer Overflow Vulnerability

An attacker must convince an unsuspecting user to save a malicious web page by using the application's 'SaveAs' function.

The following example HTML code is available:

/data/vulnerabilities/exploits/31029.html
/data/vulnerabilities/exploits/31031.php