Remote Code Execution Vulnerability in Google Desktop by Google
CVE-2007-3150

Currently unrated

Key Information:

Vendor: Google
Status: Desktop
Vendor: CVE Published:; 11 June 2007

Summary

The vulnerability in Google Desktop allows an attacker to execute arbitrary programs on a user's system through a man-in-the-middle attack. When a user performs a search on Google, specially crafted JavaScript can be injected, leading to the display of a link to a local executable file in the search results. If clicked, this link can trigger Google Desktop to run the executable, potentially compromising the user's system security. This threat emphasizes the importance of securing web traffic and being cautious with search results.

References

http://osvdb.org/40566

vdb-entryx_refsource_OSVDB

http://ha.ckers.org/blog/20070531/google-desktop-0day/

x_refsource_MISC

http://ha.ckers.org/google-desktop-0day/

x_refsource_MISC

Timeline

Vulnerability published
Jun 11, 2007
Vulnerability Reserved
Jun 11, 2007