Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code in the context of the browser, cause denial-of-service condition, carry out spoofing attacks, gain access to sensitive information, and bypass intended security restrictions.
Impact Level: Application
Solution
Upgrade to the Google Chrome 7.0.517.44 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to
- A use-after-free error related to text editing
- A memory corruption error when handling an overly large text area - A bad cast with the SVG use element
- An invalid memory read in XPath handling
- A use-after-free error related to text control selections - A integer overflows in font handling on Linux
- A memory corruption error in libvpx
- A bad use of destroyed frame objects
- A type confusions with event objects
- An out-of-bounds array access when handling SVGs
Affected
Google Chrome version prior to 7.0.517.44 on windows
References
Severity
Classification
-
CVE CVE-2010-4008, CVE-2010-4197, CVE-2010-4198, CVE-2010-4199, CVE-2010-4201, CVE-2010-4202, CVE-2010-4203, CVE-2010-4204, CVE-2010-4205, CVE-2010-4206 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities