Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to the Google Chrome 8.0.552.224 or later, For updates refer to http://www.google.com/chrome
Insight
- The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/ theme_installed_infobar_delegate.cc does not properly handle incorrect tab interaction by an extension.
- browser/worker_host/message_port_dispatcher.cc does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service via crafted JavaScript code that creates a web worker.
- Out-of-bounds read error in CSS parsing allows remote attackers to cause a denial of service.
- Stale pointers in cursor handling allows remote attackers to cause a denial of service.
Affected
Google Chrome version prior to 8.0.552.224 on Linux
References
- http://code.google.com/p/chromium/issues/detail?id=60761
- http://code.google.com/p/chromium/issues/detail?id=63529
- http://code.google.com/p/chromium/issues/detail?id=63866
- http://code.google.com/p/chromium/issues/detail?id=64959
- http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-4575, CVE-2010-4576, CVE-2010-4577, CVE-2010-4578 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
- Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)