HTTP: Google Chrome Multiple File Type Security Bypass
This signature detects attempts to exploit a known vulnerability against Google Chrome. Attackers can bypass security restrictions on directories enabling them to view, edit, and download information.
Extended Description
Google Chrome is prone to a security-bypass issue and a memory-corruption issue. Attackers can exploit these issues to bypass certain security checks, trick users into executing scripts in the local context, execute arbitrary code in the context of the browser, and cause a denial-of-service condition; other attacks are also possible. Versions prior to Chrome 3.0.195.32 are vulnerable.
Affected Products
Google chrome
Short Name
HTTP:STC:CHROME:MUL-FILE-TYPE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Bypass CVE-2009-3931 Chrome File Google Multiple Security Type bid:36947
Release Date
07/11/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
CVSS Score
9.3