Google Chrome Clickjacking Vulnerability June13 (Windows) Network Vulnerability

Summary

The host is installed with Google Chrome and is prone to Clickjacking vulnerability.

Impact

Successful exploitation will allow attackers to obtain sensitive information and conduct clickjacking attacks against the users Flash configuration. Impact Level: Application

Solution

Upgrade to the Google Chrome 27.0.1453.116 or later, For updates refer to http://www.google.com/chrome

Insight

Flaw within Flash plug-in which does not properly determine whether a user wishes to permit camera or microphone access by a Flash application.

Affected

Google Chrome version prior to 27.0.1453.116 on Windows

References

http://googlechromereleases.blogspot.in/2013/06/stable-channel-update_18.html
http://securitytracker.com/id/1028694

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-2866

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win)
Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)

Take action and discover your vulnerabilities