Summary
This host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code and cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to the Google Chrome 22.0.1229.94 or later, For updates refer to http://www.google.com/chrome
Insight
Multiple flaws are due to
- Use-after-free erorr in the SVG implementation in WebKit, allows remote attackers to execute arbitrary code via unspecified vectors.
- An erorr in Inter-process Communication (IPC) implementation, allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process.
Affected
Google Chrome version prior to 22.0.1229.94 on Linux
References
Severity
Classification
-
CVE CVE-2012-5112, CVE-2012-5376 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)