Short Name |
HTTP:STC:CHROME:JS-MSGBOX-DOS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Google Chrome Java Script Message Box Denial of Service |
Release Date |
2014/09/15 |
Update Number |
2419 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can result in a denial-of-service condition.
Google Chrome is prone to a vulnerability that allows access to out-of-bounds memory. The problem occurs because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to cause the affected browser to stop responding and possibly to disclose potentially sensitive information. The attacker may also be able to execute arbitrary code, but this has not been confirmed. Google Chrome 1.0.154.48 is vulnerable; other versions may also be affected. NOTE: The validity of this vulnerability is in dispute due to conflicting reports. We will update this BID when more definitive information is available.