HTTP: Google Chrome Java Script Message Box Denial of Service
This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can result in a denial-of-service condition.
Extended Description
Google Chrome is prone to a vulnerability that allows access to out-of-bounds memory. The problem occurs because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to cause the affected browser to stop responding and possibly to disclose potentially sensitive information. The attacker may also be able to execute arbitrary code, but this has not been confirmed. Google Chrome 1.0.154.48 is vulnerable; other versions may also be affected. NOTE: The validity of this vulnerability is in dispute due to conflicting reports. We will update this BID when more definitive information is available.
Affected Products
Google chrome
Short Name
HTTP:STC:CHROME:JS-MSGBOX-DOS
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Box Chrome Denial Google Java Message Script Service bid:34130 of
Release Date
09/15/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3604
False Positive
Rarely
Vendors