Summary
The host is installed with Google Chrome and is prone to remote code execution vulnerability.
Impact
Successful exploitation will let the attackers to execute arbitrary code via crafted SVG document.
Impact Level: System/Application
Solution
Upgrade to the Google Chrome 25.0.1364.160 or later, For updates refer to http://www.google.com/chrome
Insight
WebKit contains a type confusion flaw in the 'SVGViewSpec::viewTarget' function in WebCore/svg/SVGViewSpec.cpp when handling non-SVG elements.
Affected
Google Chrome version prior to 25.0.1364.160 on Linux
References
Severity
Classification
-
CVE CVE-2013-0912 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
- Adobe Air Multiple Vulnerabilities - November12 (Windows)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Windows)
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)