Summary
This host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code or cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to the Google Chrome 21.0.1180.89 or later, For updates refer to http://www.google.com/chrome
Insight
Multiple flaws are due to
- Out-of-bounds read in line breaking
- Bad cast with run-ins.
- Browser crash with SPDY.
- Race condition with workers and XHR.
- Avoid stale buffer in URL loading.
- Lower severity memory management issues in XPath - Bad cast in XSL transforms.
- XSS in SSL interstitial.
Affected
Google Chrome version prior to 21.0.1180.89 on Mac OS X
References
Severity
Classification
-
CVE CVE-2012-2865, CVE-2012-2866, CVE-2012-2867, CVE-2012-2868, CVE-2012-2869, CVE-2012-2870, CVE-2012-2871, CVE-2012-2872 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)