Chrome thumbnails can be used to disclose sensitive info
Reported by avenie...@gmail.com, Apr 29 2017
Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Steps to reproduce the problem:
1. Just press new tab
2. Check the thumbnails displayed
3. If there is something interesting, focus on it by hacking some JavaScript

What is the expected behavior?
The thumbnails can display screenshots from sites even if the current user has logged off of them.

What went wrong?
A cracker can extract sensitive info from those thumbnails by enlarging them in order to display their contents.

Did this work before? N/A

Chrome version: 57.0.2987.133 Channel: stable
OS Version: 10.0
Flash Version:

Using the above feature, any cracker who has physical access to the victim's box can read sensitive info from any site a user has visited (bank accounts, email accounts, etc.) while this site has been thumbnailed. Please note that the actual problem is that the image of the thumbnail does not take into account whether the legal user is still logged in or not. This is actually a violation of Security and especially of "Confidentiality".
Jul 14 2017
This has just been resolved on ToT, by limiting the maximum size the thumbnails can have. Note that if you do not want the tile to show up at all, you can simply remove it from the NTP by pressing the small "x" that shows up on hover.
Comment 1 by ajha@chromium.org, Jul 14 2017