lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6B79C1948B244D48B1EC005A47B55A80379FB4@CSNEXCH1.corp.csn.com.br>
Date: Wed, 3 Sep 2008 14:28:19 -0300
From: "DIOGO LEAL CHAGAS" <diogo.chagas@....com.br>
To: <bugtraq@...urityfocus.com>
Subject: RES: Google Chrome Automatic File Download

To "fix" this "problem":

In Google chrome
Tools -> Options -> Minor Tweaks (tab) in download location: check the "ask where to save each file before downloading"

Diogo

De: nerex@...e.com [mailto:nerex@...e.com] 
Enviada em: terça-feira, 2 de setembro de 2008 19:58
Para: bugtraq@...urityfocus.com
Assunto: Google Chrome Automatic File Download

Google's Chrome (BETA) allows files (e.g. executable files) to be automatically downloaded to the user's computer without any user prompt.

 

To check the flaw, open a URL that points to an executable file.

 

nerex

----------
Esta mensagem pode conter informacoes confidenciais e/ou privilegiadas. 
Se voce nao for o seu destinatario, favor comunicar imediatamente ao remetente e destruir todas as informacoes e suas copias.

This message may contain information which is confidential and/or privileged. 
If you are not the intended recipient, please advise the sender immediately and destroy it and all copies.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ