Summary
This host is installed with google chrome frame plugin for microsoft ie and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attacker to crash the program via a specially crafted _blank value for the target attribute of an A element.
Impact Level: Application
Solution
Upgrade to Google Chrome Frame plugin 26.0.1410.28 or later, For updates refer to http://www.google.com/chromeframe
Insight
Flaw due to an improper handling of an attach tab request in the Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc.
Affected
Google Chrome Frame plugin version before 26.0.1410.28
References
Severity
Classification
-
CVE CVE-2013-2493 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities