Summary
This host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker execute arbitrary JavaScript code and disclose the content of local files, memory corruption or CPU consumption and which may result in Denial of Service condition.
Impact Level: System/Application
Solution
Upgrade to version 3.0.195.32 or later.
http://www.google.com/chrome
Insight
- Error in 'browser/download/download_exe.cc', which fails to display a warning when a user downloads and opens '.svg', '.mht' or '.xml' files.
This can be exploited to disclose the content of local files via a specially crafted web page.
- An error in the Gears SQL API implementation can be exploited to put SQL metadata into a bad state and cause a memory corruption.
- An error in WebKit, which can be exploited via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the 'WTF::currentTime' and 'base::Time' functions.
- Error in 'WebFrameLoaderClient::dispatchDidChangeLocationWithinPage' function in 'src/webkit/glue/webframeloaderclient_impl.cc' and which can be exploited via a page-local link, related to an 'empty redirect chain,' as demonstrated by a message in Yahoo! Mail.
Affected
Google Chrome version prior to 3.0.195.32 on Windows.
References
Severity
Classification
-
CVE CVE-2009-3931, CVE-2009-3932, CVE-2009-3933, CVE-2009-3934 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- cfengine AuthenticationDialogue vulnerability
- BreakPoint Software Hex Workshop Denial of Service vulnerability
- Apple Safari Multiple Vulnerabilities June-09 (Win) - II
- Adobe Flash Media Server Multiple Denial of Service Vulnerabilities
- Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)