New Chrome Exploit Bypasses Sandbox, ASLR and DEP

Posted by Soulskill on Monday May 9, 2011 @09:48AM from the is-it-time-for-the-disclosure-argument-again dept.

Trailrunner7 writes "Researchers at the French security firm VUPEN say they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP, and run arbitrary code on a vulnerable machine. The company said they are not going to disclose the details of the bugs right now, but they have shared information with some of their government customers. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said."

2 of 150 comments (clear)

Min score:

Reason:

Sort:

from vulpen site by JonySuede · 2011-05-09 10:13 · Score: 2, Funny

As the world leader in vulnerability research, VUPEN provides offensive and highly sophisticated exploits specifically designed for Law Enforcement and Intelligence Agencies to help them achieve their offensive missions using tailored and unique codes created in-house by VUPEN.
God I hate those french researchers, liberty fraternity equality OR DEATH my ass

--
Jehovah be praised, Oracle was not selected
Why would the government care? by dicobalt · 2011-05-09 10:34 · Score: 5, Funny

They run IE6.