A vulnerability in Google Chrome causes it to crash by entering a simple text string

377808-googlechromeicon2011MUMBAI: A user of popular online bulletin board site Reddit recently discovered a bug in Google’s Chrome browser that makes the browser incredibly easy to crash.
Simply entering a 16-character string into the browser address field and hitting enter causes the browser to become unresponsive, then crash spectacularly as it disappears from the running process list.

Entering the text ‘http://a/%%30%30’ into the address field causes the latest version of Chrome on Windows to crash, although there are versions of Chrome on other platforms (such as Android and Mac) that seem to be resilient to this vulnerability. The bug has also been found to affect certain other browsers based on the Webkit platform, such as the Blackberry browser.
In fact, even hovering the mouse over this particular link could cause that browser tab to crash, most likely due to the page preloading mechanism that Chrome tends to utilize. The bug appears to be due to the the manner in which the parameters in the characters are processed.
Not just Chrome, this bug appears to affect certain versions of the Opera browser as well. Although it doesn’t seem to have any adverse affect on Internet Explorer, Edge and Firefox.

Print Friendly, PDF & Email

Leave a Reply

Your email address will not be published. Required fields are marked *