My favorites | Sign in
Google
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
New issue | Search
for
| Advanced search | Search tips
Issue 62: Browser Plugin SRPC SharedMemory Type Confusion Infoleak
3 people starred this issue and may be notified of changes. Back to list
Status:  Fixed
Owner:  sehr+leg...@google.com
Closed:  Apr 2009
Security-Contest
Type-Defect


Sign in to add a comment
 
Reported by mark.dowd, Mar 16, 2009 
There is a type confusion issue in the SharedMemory object due to a failure
to check to ensure that the string object passed to the write() method is
really a string. Results in the ability to read arbitrary process memory.
srpc_infoleak2_shm.zip
7.8 KB Download
Comment 1 by mark.dowd, Mar 16, 2009 
Forgot the team name again. It should be "Beached As"
Comment 2 by nativeclient.admin, Mar 25, 2009 
Verified as an issue.
Status: Accepted
Owner: s...@google.com
Comment 3 by nativeclient.admin, Mar 25, 2009 
(No comment was entered for this change.)
Labels: Type-Defect
Comment 4 by nativeclient.admin, Apr 10, 2009 
Fix was released in build 57.
Status: Fixed
Sign in to add a comment