Security: viewing .html file with vb script code causes endless refreshs
Reported by
nelson.r...@gmail.com,
Jul 6 2017
|
|||
Issue descriptionPlease see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs NOTE: Security bugs are normally made public once a fix has been widely deployed. VULNERABILITY DETAILS Please provide a brief explanation of the security issue. VERSION Google Chrome 59.0.3071.115 (Official Build) (64-bit) (cohort: Stable) Revision 3cf8514bb1239453fd15ff1f7efee389ac9df8ba-refs/branch-heads/3071@{#820} OS Windows JavaScript V8 5.9.211.38 Flash 26.0.0.131 C:\Users\nnelson\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll User Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36 Command Line "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --allow-nacl-socket-api=* --enable-nacl --flag-switches-end REPRODUCTION CASE open file then endless refresh. could create a memory pool to inject malicious code or overuse memory.
,
Jul 7 2017
The provided page appears to be https://gallery.technet.microsoft.com/scriptcenter/VB-Script-to-Check-and-620579cd, which is a download page on Microsoft TechNet. I don't see the endless refresh behaviour. Are you sure you don't have an extension installed that is causing the refreshes?
,
Jul 7 2017
Refreshing the browser isn't a security bug.
,
Jul 7 2017
This is working as intended. It has nothing to do with VBScript in the page, and is caused by the following JavaScript in Documentation.html:
if (top.location == self.location) {
window.location.replace(window.location.href.replace('/description', ''));
}
This page creates an endless navigation loop.
,
Jul 7 2017
Awesome. You guys are as good as I expected. Thanks for looking into this. |
|||
►
Sign in to add a comment |
|||
Comment 1 by jialiul@chromium.org
, Jul 6 2017