"During unrelated research, I came across
a number of security issues that reside in various parts of Google's
web browser – Google Chrome.
These issues pose a major threat to any user that browses a maliciously
crafted page using Internet Explorer and has Google Chrome installed
alongside.
Using a vulnerability in the ChromeHTML URL handler, it is possible to
force Google Chrome to load arbitrary URIs when it is launched through IE.
Combined with other issues, this seemingly harmless vulnerability opens
the door to two major attack vectors:
- Bypass the Same Origin Policy restrictions for any site (this has the same impact as Universal XSS)
- Enumerate the victim's local files and directories
A thorough explanation of the issues, attack vectors and impact can be found in the following advisory."
Read more: http://blog.watchfire.com/wfblog/2009/04/google-chrome-universal-xss-vulnerability-.html