PT-2009-2463 · Google · Google Chrome

Le Duc Anh · Published 2009-08-18 · Updated 2018-10-11 · CVE-2008-6994

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Google Chrome version 0.2.149.27

Description

The issue is a stack-based buffer overflow in the SaveAs feature, specifically in the SaveFileAsWithFilter function in win_util.cc. This allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element. The overflow is triggered when the user saves the page and a long filename is generated. It might also be possible to exploit this issue via an HTTP response that includes a long filename in a Content-Disposition header.

Recommendations

For Google Chrome version 0.2.149.27, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, avoid saving web pages with long TITLE elements or long filenames. Restrict access to the SaveAs feature until a patch is available.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2008-6994

Affected Products

Google Chrome