Google Chrome Cookie Verification Denial of Service Vulnerability

Google Chrome is prone to a denial-of-service vulnerability because it fails to verify the user supplied input.

Successfully exploiting this issue will allow an attacker to inject special characters into the browser's local cookie storage, resulting in the requested website always responding with an error message which is hosted on specific web server software (like lighttpd). This will cause a denial-of-service condition.

Chromium 25.0.1364.160 is vulnerable; other versions may also be affected.

Note: The content related to Mozilla Firefox Browser has been moved to BID 62969 (Mozilla Firefox Browser Cookie Verification Denial of Service Vulnerability) for better documentation.


Privacy Statement
Copyright 2010, SecurityFocus