Summary
Google Chrome is installed on the host and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service.
Impact Level: Application
Solution
Upgrade to Google Chrome 16.0.912.75 or later. For updates, refer to http://www.google.com/chrome
Insight
Multiple flaws are due to:
- A use-after-free error in the handling of animation frames.
- A boundary error within the 'xmlStringLenDecodeEntities()' function of libxml2.
- A stack-based buffer overflow error in glyph handling.
Affected
Google Chrome versions prior to 16.0.912.75 on Linux
Severity
Classification
CVE: CVE-2011-3919, CVE-2011-3921, CVE-2011-3922
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- FlashGet FTP PWD Response Remote Buffer Overflow Vulnerability
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
- Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
- Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Mac OS X)
- Avast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Win)