CVE-2008-7061

Google Chrome 0.2.149.29 - Denial of Service via Long Title Attribute in Tooltip

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7061. PoCs published by Exodus.

AI-analyzed exploit summary: This exploit triggers a denial-of-service (DoS) condition in Google Chrome 0.2.149.27 by overflowing the title attribute with a large buffer of characters, causing the browser to freeze. The PoC uses JavaScript to generate a buffer of 31337 'E' characters and injects it into the title attribute.

Description

The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. NOTE: there is inconsistent information about the environments under which this issue exists.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Exodus · htmldosmultiple
https://www.exploit-db.com/exploits/32311

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Google Chrome 0.2.149.27
Authentication: No auth needed
Prerequisites: Victim must visit a malicious webpage
devstral-2 · analyzed Feb 16, 2026

References (16)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496101/100/0/threaded
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496151/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30975
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496172/100/100/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496094/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45039
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496078/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496146/100/0/threaded
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496138/100/0/threaded
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2008/09/beta-release-0214930.html
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496145/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496126/100/0/threaded

Scores

EPSS 0.0426
EPSS Percentile 89.8%

Details

CWE
CWE-399
Status published
Products (1)
google/chrome 0.2.149.29
Published Aug 24, 2009
Tracked Since Feb 18, 2026