Google Chrome Multiple Vulnerabilities - Dec10 (Windows) Network Vulnerability

Summary

The host is running Google Chrome and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow the attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to the Google Chrome 8.0.552.215 or later, For updates refer to http://www.google.com/chrome

Insight

The multiple flaws are due to, - Possible pop-up blocker bypass via unknown vectors. - Cross-origin video theft with canvas elements allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data. - Improper handling of HTML5 databases allows attackers to cause a denial of service. - Excessive file dialogs could lead to a browser crash. - Use after free error in history handling. - Browser crash with HTTP proxy authentication. - Out-of-bounds read regression in WebM video support. - Crash due to bad indexing with malformed video. - Possible browser memory corruption via malicious privileged extension. - Use after free error with SVG animations. - Use after free error in mouse dragging event handling. - A double free error in XPath handling.

Affected

Google Chrome version prior to 8.0.552.215 on windows

References

http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

Updated on 2015-03-25

Severity

Classification

CVE	CVE-2010-4482, CVE-2010-4483, CVE-2010-4484, CVE-2010-4485, CVE-2010-4486, CVE-2010-4488, CVE-2010-4489, CVE-2010-4490, CVE-2010-4491, CVE-2010-4492, CVE-2010-4493, CVE-2010-4494

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Google Chrome multiple vulnerabilities - Dec10 (Windows)

Take action and discover your vulnerabilities