BugTraq
Google Chrome Automatic File Download Sep 02 2008 10:58PM
nerex live com (2 replies)
Re: Google Chrome Automatic File Download Sep 03 2008 06:03PM
Razi Shaban (razishaban gmail com) (1 replies)
RE: Google Chrome Automatic File Download Sep 03 2008 09:24PM
James C. Slora Jr. (james slora phra com)
Razi Shaban wrote Wednesday, September 03, 2008 2:04 PM

> There's a huge difference between downloading and running.
> If a file that is unwanted is auto-downloaded, just delete it.
> No harm done.

Unapproved download does open exploit vectors against other
vulnerabilities, especially when the download is to a location the
attacker can predict.

Merely opening a folder in a GUI triggers exploitable actions such as
icon display. Desktop.ini in Windows triggers actions when its
containing folder is opened. Selecting a file to delete it can trigger
other exploitable actions. Anti-virus scans and other automatic
processes can be exploited by the download or even the mere presence of
some hostile files.

There is plenty of actual malware in the wild that only needs you to
touch the file or scan it with AV or list it in the GUI to be owned,
depending on companion vulnerabilities.

Some vulnerability exploits are mitigated by their need to access a
local file from a known location. Automatic file downloading to a
predictable location eliminates that mitigation.

So users should always be prompted when content is copied to any
location other than their browser cache, and higher-risk file types
should not even go to the cache without giving the user a fighting
chance to refuse the file.

[ reply ]
RES: Google Chrome Automatic File Download Sep 03 2008 05:28PM
DIOGO LEAL CHAGAS (diogo chagas csn com br) (1 replies)
Re: RES: Google Chrome Automatic File Download Sep 06 2008 06:06AM
Nick FitzGerald (nick virus-l demon co uk)


 

Privacy Statement
Copyright 2010, SecurityFocus