Four Chrome Bugs Found While Pentesting Silverlight

While testing Silverlight in Chrome 4.0.249.78, I stumbled across four Chrome-specific issues that were unrelated to Silverlight itself. They are a good reminder that security testing one component often surfaces bugs in the surrounding environment.

Bug 1 — DoS: Link Click While DevTools Are Paused

Clicking a link on a page while the JavaScript debugger was paused caused Chrome to crash.

Bug 2 — Access Violation: Event from Non-Existent Window

Firing an event from a window reference that had already been closed triggered an access violation in the renderer process.

Bug 3 — Close Any Tab

window.open("", "_self").close();

Calling window.open with "_self" as the target and immediately closing the returned reference closed the current tab without any user confirmation.

Bug 4 — Open a Modal Outside the Screen Bounds

Passing negative coordinates to a modal dialog function allowed it to be positioned entirely off-screen, making it impossible for the user to interact with or dismiss it.

These were filed separately with the Chrome security team. The close-any-tab issue was the most interesting from a practical standpoint — it was a low-noise denial-of-service against the user’s browsing session.

Found during my years at Microsoft (2006–2014). These bugs were patched long ago — shared here as a historical record for learning purposes.