New issue
Advanced search Search tips

Issue 608282 link

Starred by 2 users
Status: WontFix
Owner: ----
Closed: May 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Use Google Chrome in Privilege Escalation

Reported by xtr3am3r...@gmail.com, May 2 2016 
Hi! I am make video as proof how ez, to get system.
Video_2016-05-02_114732.rar
9.3 MB Download

Comment 1 by xtr3am3r...@gmail.com, May 2 2016 

This is pure Python updater for this bug

Comment 2 by xtr3am3r...@gmail.com, May 2 2016 

Owner: xtr3am3r.0k@gmail.com
OS: Windows XP,7,8,10

Comment 3 by rsesek@chromium.org, May 2 2016 

What you are describing is a physically-local attack, which is outside Chrome's threat model. If you already have access to replace arbitrary files on the system, you can just as well replace system executables as well. See this FAQ item for more info: http://dev.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-

Comment 4 by rsesek@chromium.org, May 2 2016

Status: WontFix (was: Unconfirmed)
Project Member

Comment 5 by sheriffbot@chromium.org, Aug 9 2016

Labels: -Restrict-View-SecurityTeam
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 6 by sheriffbot@chromium.org, Oct 1 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 7 by sheriffbot@chromium.org, Oct 2 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 8 by mbarbe...@chromium.org, Oct 2 2016

Labels: allpublic

Sign in to add a comment