Release DateDec 15, 2009 |
Severitycritical |
ImpactSecurity Bypass: Remote attackers can bypass security checking of vulnerable systems. |
DescriptionThis indicates an attack attempt against a security bypass vulnerability in Google Chrome.The vulnerability is caused by a design weakness within Chrome's automatic download navigation component. It allows a remote attacker to force the download of certain dangerous files. |
Affected ProductsGoogle Chrome 3.0.195.24Google Chrome 3.0.195.121 Google Chrome 3.0 Beta |
Recommended ActionsUpgrade to Google Chrome version 3.0.195.32:http://www.google.com/chromed |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-3931 |
Reference/shttp://www.securityfocus.com/bid/36947 (BugTraq)http://www.vupen.com/english/advisories/2009/3159 |
