CVE-2008-6995

Publication date

2009-08-18 10:00:00

Family

mitre

State

PUBLISHED

Description

Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated using an "about:%" URI.