What is the severity of CVE-2008-5749?

CVE-2008-5749 is classified as a disputed vulnerability, which could potentially allow remote code execution under certain conditions.

How do I fix CVE-2008-5749?

To mitigate CVE-2008-5749, users should update Google Chrome to a version later than 1.0.154.36.

Which versions of Google Chrome are affected by CVE-2008-5749?

CVE-2008-5749 specifically affects Google Chrome version 1.0.154.36 on Windows XP SP3.

Can CVE-2008-5749 be exploited without user interaction?

CVE-2008-5749 requires user interaction to execute arbitrary commands via the --renderer-path option.

Is CVE-2008-5749 specific to any operating system?

Yes, CVE-2008-5749 is specifically reported on Windows XP SP3 with Google Chrome version 1.0.154.36.

Vulnerability/
CVE-2008-5749

medium

6.8

CWE

29/12/2008

7/8/2024

CVE-2008-5749: Code Injection

First published: Mon Dec 29 2008(Updated: )

** DISPUTED ** Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
All of
Google Chrome (Trace Event)	=1.0.154.36
Microsoft Windows XP	=sp3
Google Chrome (Trace Event)	=1.0.154.36
Microsoft Windows XP	=sp3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5749?
CVE-2008-5749 is classified as a disputed vulnerability, which could potentially allow remote code execution under certain conditions.
How do I fix CVE-2008-5749?
To mitigate CVE-2008-5749, users should update Google Chrome to a version later than 1.0.154.36.
Which versions of Google Chrome are affected by CVE-2008-5749?
CVE-2008-5749 specifically affects Google Chrome version 1.0.154.36 on Windows XP SP3.
Can CVE-2008-5749 be exploited without user interaction?
CVE-2008-5749 requires user interaction to execute arbitrary commands via the --renderer-path option.
Is CVE-2008-5749 specific to any operating system?
Yes, CVE-2008-5749 is specifically reported on Windows XP SP3 with Google Chrome version 1.0.154.36.

collector/nvd-historical
agent/type
agent/weakness
agent/references
agent/severity
agent/status
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/event
agent/last-modified-date
agent/source
agent/tags
agent/author
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/google
canonical/google chrome (trace event)
version/google chrome (trace event)/1.0.154.36
vendor/microsoft
canonical/microsoft windows xp
version/microsoft windows xp/sp3
status/disputed

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.