Summary
This host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to bypass certain security restrictions, execute arbitrary code in the context of the browser or cause a denial of service or possibly have unspecified other impact.
Impact Level: System/Application
Solution
Upgrade to the Google Chrome 24.0.1312.56 or later, For updates refer to http://www.google.com/chrome
Insight
Multiple flaws due to
- Referring freed memory in canvas font handling.
- Missing URL validation when opening new windows.
- Unchecked array index in content blocking functionality.
- Not properly handling %00 characters in path-names.
Affected
Google Chrome versions prior to 24.0.1312.56 on Windows
References
Severity
Classification
-
CVE CVE-2013-0839, CVE-2013-0840, CVE-2013-0841, CVE-2013-0842 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)