Test ID:	1.3.6.1.4.1.25623.1.0.801789
Category:	General
Title:	Google Chrome 'Sandbox' Remote Code Execution Vulnerability - Windows
Summary:	Google Chrome is prone to a remote code execution (RCE) vulnerability.
Description:	Summary: Google Chrome is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to an error in application, which bypasses all security features including 'ASLR/DEP/Sandbox'. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Affected Software/OS: Google Chrome version 11.0.696.65 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2075 BugTraq ID: 47771 http://www.securityfocus.com/bid/47771 http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php http://www.youtube.com/watch?v=c8cQ0yU89sk https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14099
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.