Description
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting www.google.com when the button was downloaded from an arbitrary site through an open redirector on www.google.com.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26923
Exploit x_refsource_misc
http://aviv.raffon.net/2007/12/18/GoogleToolbarDialogSpoofingVulnerability.aspx
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28166
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485288/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39164
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/39499
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3491
Scores
EPSS
0.0125
EPSS Percentile
65.9%
Details
CWE
CWE-200
Status
published
Products (2)
google/toolbar
4
google/toolbar
5 beta
Published
Dec 27, 2007
Tracked Since
Feb 18, 2026