PT-2007-7368 · Google · Google Toolbar

Published

2007-12-27

·

Updated

2018-10-15

·

CVE-2007-6536

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Google Toolbar versions 4 and 5 beta
Description: A remote attacker can spoof the domain names shown in the Custom Button Installer dialog, making it easier to trick users into installing malicious button XML files. The dialog displays domain names in its "Downloaded from" and "Privacy considerations" sections without verifying where the button was actually fetched from: it shows the host of the URL the user was handed rather than the host that finally served the file. An attacker can therefore point the installer at an open redirector on a trusted domain such as www.google.com; the dialog displays the trusted domain while the button XML is actually downloaded from an arbitrary, attacker-controlled site.
Recommendations: Users of Google Toolbar 4 and 5 beta should not install custom buttons offered by untrusted sites, and should treat the domain names shown in the Custom Button Installer dialog as unverified, since a link that starts on a trusted domain may redirect elsewhere before the button XML is fetched. Where the feature is not needed, avoid using custom button installation until a fixed version is installed, and restrict access to it to minimize the risk of exploitation.
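The root cause described above is a display check that trusts the URL it was handed instead of the origin that finally served the content. The following added example (not code from the original page or from Google Toolbar) illustrates the difference with a constructed, offline redirect table: the hostname attacker.example and the /url?q= redirector path are assumptions standing in for a real open redirector, and the table replaces live HTTP 3xx responses.

```python
from urllib.parse import urlsplit

# Constructed redirect table standing in for HTTP 3xx responses (no network is used).
# A value of None means the URL serves the resource directly (HTTP 200).
# The trusted site is assumed to host an open redirector at /url?q=<target>.
REDIRECTS = {
    "https://www.google.com/url?q=https://attacker.example/button.xml":
        "https://attacker.example/button.xml",
    "https://attacker.example/button.xml": None,
    "https://www.google.com/buttons/official.xml": None,
}

MAX_HOPS = 10  # cap so a redirect loop cannot run forever


def host_of(url):
    """Hostname component of a URL, or '' if it has none."""
    return urlsplit(url).hostname or ""


def naive_display_host(url):
    """The flawed behaviour: show the host of the URL the user clicked on,
    before any redirect has been followed."""
    return host_of(url)


def resolve(url, fetch=REDIRECTS.__getitem__, max_hops=MAX_HOPS):
    """Follow redirects and return (final_url, chain). `fetch` returns the
    redirect target for a URL or None when the URL serves the content itself."""
    chain = [url]
    for _ in range(max_hops):
        target = fetch(url)
        if target is None:
            return url, chain
        url = target
        chain.append(url)
    raise RuntimeError("too many redirects while fetching %s" % chain[0])


def safe_display_host(url):
    """What the dialog should show: the host that actually served the bytes,
    i.e. the last URL in the redirect chain."""
    final_url, _ = resolve(url)
    return host_of(final_url)


def crosses_origin(url):
    """True when the redirect chain leaves the host the user started on;
    a UI should flag this rather than silently show the first host."""
    _, chain = resolve(url)
    first = host_of(chain[0])
    return any(host_of(u) != first for u in chain[1:])


if __name__ == "__main__":
    lure = "https://www.google.com/url?q=https://attacker.example/button.xml"
    print("naive dialog shows:", naive_display_host(lure))
    print("correct dialog shows:", safe_display_host(lure))
    print("redirect left trusted host:", crosses_origin(lure))
```

For the lure URL the naive check reports www.google.com while the resolved check reports attacker.example, which is exactly the gap the advisory describes; a dialog that reports the final origin, and warns when the chain changes hosts, removes the spoofing opportunity.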

Exploit

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2007-6536

Affected Products

Google Toolbar