Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code in the context of the browser, cause denial-of-service conditions, carry out spoofing attacks, gain access to sensitive information, and bypass intended security restrictions.
Impact Level: Application
Solution
Upgrade to the Google Chrome 7.0.517.41 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to
- An unknown error related to 'autofill/autocomplete' profile spamming.
- Memory corruption error when processing malformed forms, which could be exploited to execute arbitrary code.
- A memory corruption error related to form 'autofill'.
- An error when handling page unloads, which could allow URL spoofing attacks.
- An unspecified error which could allow malicious web sites to bypass the pop-up blocker.
- An error related to shutdown with 'Web Sockets'.
- A bad construction of the 'PATH' variable.
- A memory corruption error when processing animated 'GIFs'.
- Failure to sandbox worker processes on Linux.
- Error in Stale elements in an element map.
Affected
Google Chrome version prior to 7.0.517.41 on linux
References
Severity
Classification
-
CVE CVE-2010-4033, CVE-2010-4034, CVE-2010-4035, CVE-2010-4036, CVE-2010-4037, CVE-2010-4038, CVE-2010-4039, CVE-2010-4040, CVE-2010-4041, CVE-2010-4042 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities