
Issue 716724

Starred by 2 users

Issue metadata

Status: Duplicate
Merged: issue 670488
Owner: ----
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug




Chrome thumbnails can be used to disclose sensitive info

Reported by avenie...@gmail.com, Apr 29 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Steps to reproduce the problem:
1. Just press new tab
2. Check the thumbnails displayed
3. If there is something interesting, focus on it by hacking some JavaScript

What is the expected behavior?
The thumbnails can display screenshots from sites even if the current user has logged off of them.

What went wrong?
A cracker can extract sensitive info from those thumbnails by enlarging them in order to display their contents.

Did this work before? N/A 

Chrome version: 57.0.2987.133  Channel: stable
OS Version: 10.0
Flash Version: 

Using the above feature, any cracker who has physical access to the victim's box can read sensitive info from any site a user has visited (bank accounts, email accounts, etc.) while this site has been thumbnailed. Please note that the actual problem is that the image of the thumbnail does not take into account whether the legal user is still logged in or not.
This is actually a violation of security, and especially of "Confidentiality".
 
Attachments:
Capture01.JPG (90.1 KB)
Capture02.JPG (213 KB)
Capture03.JPG (168 KB)

Comment 1 by ajha@chromium.org, Jul 14 2017

Components: -UI UI>Extensions>NewTabPage

Comment 2 by treib@chromium.org, Jul 14 2017

Mergedinto: 670488
Status: Duplicate (was: Unconfirmed)
This has just been resolved on ToT, by limiting the maximum size the thumbnails can have. Note that if you do not want the tile to show up at all, you can simply remove it from the NTP by pressing the small "x" that shows up on hover.
