SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2008-6996

Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file, possibly related to the "ask where to save each file before downloading" setting.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

http://www.securityfocus.com/archive/1/495942/100/0/threaded

http://www.securityfocus.com/archive/1/495959/100/100/threaded

http://www.securityfocus.com/archive/1/495951/100/100/threaded

http://www.securityfocus.com/archive/1/495954/100/100/threaded

http://www.securityfocus.com/archive/1/495987/100/0/threaded

http://www.securityfocus.com/archive/1/496049

http://www.securityfocus.com/archive/1/496048/100/100/threaded

BID-31000

OSVDB-48261

EXPLOIT-DB-6355

googlechrome-file-download(44904)

http://codereview.chromium.org/472/diff/1/2

http://src.chromium.org/viewvc/chrome?view=rev&revision=1793


30479



423868



250363



909



196124



282