Autofill/Password Chromium Security Issue 749527 vanished from Monorail
Reported by
marsolle...@gmail.com,
Jul 28 2017
Issue description

Two days ago I reported an issue to Google Chrome, keeping the official format and discretion. It's about Autofill passwords found in unencrypted RAM made easily accessible also via JavaScript for an arbitrary extension, as you for sure know. I used a Disassembler/Debugger/Memory Dumping tool to also verify that the passwords appear in memory unencrypted, and there is no runtime encryption in place whatsoever. I walked through file trees of Chrome and found Chrome's SQLite database containing URLs and E-Mail addresses that are also listed on chrome://settings/passwords - Obviously, here you need a system password for a fully visible password here in this internal Chrome location; yet - when you manage to navigate the browser to the target URL, you don't need that anymore, since JavaScript will do the trick. That can be abused by a CRX extension or my maliciously running native code having access to process memory, even though that requires full system privileges which Project Zero should know a thing or two about. I would at least expect Google and the Chromium team to keep courtesy and inform me before tracelessly removing a seriously meant bug report to the project. Btw, the password shown in the screenshot is not a real password.
Nov 4 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by elawrence@chromium.org, Jul 28 2017
Status: Duplicate (was: Unconfirmed)