Summary
This host is installed with Google Chrome and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow the attackers to execute arbitrary code and cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to the Google Chrome 22.0.1229.94 or later, For updates refer to http://www.google.com/chrome
Insight
Multiple flaws are due to
- Use-after-free erorr in the SVG implementation in WebKit, allows remote attackers to execute arbitrary code via unspecified vectors.
- An erorr in Inter-process Communication (IPC) implementation, allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process.
Affected
Google Chrome version prior to 22.0.1229.94 on Mac OS X
References
Severity
Classification
-
CVE CVE-2012-5112, CVE-2012-5376 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows
- Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)