Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to cause denial of service.
Impact Level: Application
Solution
Upgrade to the Google Chrome 5.0.375.99 or later,
For updates refer to http://www.google.com/chrome
Insight
Multiple flaws are due to:
- out-of-bounds read error with 'WebGL'.
- Application fails to isolate 'isandboxed IFRAME' elements, which has unspecified impact and remote attack vectors.
- Memory corruption error in 'Unicode Bidirectional' Algorithm.
- Invalid 'SVG' document, which allows remote attackers to cause a denial of service.
- Unspecified error, which allows remote attackers to cause a denial of service via an invalid image.
- Memory corruption with invalid 'PNG', 'CSS style rendering'.
- Unspecified error in 'annoyance with print dialogs'.
- Application fails to properly implement 'modal dialogs'.
Affected
Google Chrome version prior to 5.0.375.99
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-2645, CVE-2010-2646, CVE-2010-2647, CVE-2010-2648, CVE-2010-2649, CVE-2010-2650, CVE-2010-2651, CVE-2010-2652 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
- Adobe Air Multiple Vulnerabilities - October 12 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - Mac OS X
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)