Description: | Summary: The host is running Google Chrome and is prone to multiple vulnerabilities.
Vulnerability Insight: - An unspecified error related to a stale pointer exists within the handling of floating objects.
- A linked-list race condition exists within the database handling.
- The MIME handling does not properly ensure thread safety.
- An extension with 'tabs' permission can gain access to local files.
- An integer overflow error exists within the float rendering.
- An error related to blobs can be exploited to violate the same origin policy.
- An unspecified error can be exploited to cause an interference between renderer processes.
- A use-after-free error exists within the handling of '' tags and CSS.
- A casting error exists within then handling of floating select lists.
- An error related to mutation events can be exploited to corrupt node trees.
- An unspecified error related to stale pointers exists in the layering code.
- A race condition error exists within the sandbox launcher.
- Interrupted loads and navigation errors can be leveraged to spoof the URL bar.
- An unspecified error related to a stale pointer exists within the handling of drop-down lists.
- An unspecified error related to a stale pointer exists within the height calculations.
- A use-after-free error exists within the handling of WebSockets.
- An error related to dangling pointers exists within the handling of file dialogs.
- An error related to dangling pointers exists within the handling of DOM id maps.
- Redirects and manual reloads can be exploited to spoof the URL bar.
- A use-after-free error exists within the handling of DOM ids.
- An error related to stale pointers exists within the handling of PDF forms.
Vulnerability Impact: Successful exploitation could allow attackers to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and potentially compromise a user's system.
Affected Software/OS: Google Chrome version prior to 11.0.696.57 on Linux
Solution: Upgrade to the Google Chrome 11.0.696.57 or later.
CVSS Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
|