Summary
The host is installed with Google Chrome
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote
attackers to cause a denial of service (application crash) or possibly have unspecified other impacts.
Impact Level: Application
Solution
Upgrade to Google Chrome version
11.0.696.65 or later, For updates refer to http://www.google.com/chrome
Insight
Multiple Flaws are due to,
- Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp script within WebCore in WebKit.
- Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp script within WebCore in WebKit.
- Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp script within WebCore in WebKit.
- Integer overflow in the FilterEffect.
- Two unspecified errors in rendering/svg/RenderSVGText.cpp script within WebCore in WebKit.
Affected
Google Chrome version prior to
11.0.696.65 on Mac OS X.
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2011-1793, CVE-2011-1794, CVE-2011-1795, CVE-2011-1796, CVE-2011-1798 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
- 7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe AIR Security Bypass Vulnerability Jan14 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)