Remote Code Execution Vulnerability in Google Toolbar by Google
CVE-2002-1442

Currently unrated

Key Information:

Vendor: Google
Status: Toolbar
Vendor: CVE Published:; 11 April 2003

Summary

The Google Toolbar versions up to 1.1.58 are susceptible to a remote code execution vulnerability that could allow malicious websites to perform unauthorized operations. By opening a window to tools.google.com or using the 'res:' protocol, an attacker can manipulate the toolbar's configuration URL through script execution. This practice circumvents origin verification checks, leading to possible unauthorized access to local system resources, including files and functionality within the user's environment.

References

http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/...

mailing-listx_refsource_NTBUGTRAQ

http://online.securityfocus.com/archive/1/286527

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/5424

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 11, 2003
Vulnerability Reserved
Feb 5, 2003