Summary
The host is running Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code in the context of the browser, cause denial-of-service conditions, carry out spoofing attacks, gain access to sensitive information, and bypass intended security restrictions.
Impact Level: Application
Solution
Upgrade to the Google Chrome 7.0.517.41 or later,
For updates refer to http://www.google.com/chrome
Insight
The flaws are due to
- An unknown error related to 'autofill/autocomplete' profile spamming.
- Memory corruption error when processing malformed forms, which could be exploited to execute arbitrary code.
- A memory corruption error related to form 'autofill'.
- An error when handling page unloads, which could allow URL spoofing attacks.
- An unspecified error which could allow malicious web sites to bypass the pop-up blocker.
- An error related to shutdown with 'Web Sockets'.
- A memory corruption error when processing animated 'GIFs'.
- Error in Stale elements in an element map.
Affected
Google Chrome version prior to 7.0.517.41
References
Severity
Classification
-
CVE CVE-2010-4033, CVE-2010-4034, CVE-2010-4035, CVE-2010-4036, CVE-2010-4037, CVE-2010-4038, CVE-2010-4040, CVE-2010-4042 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - December12 (Windows)
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)