Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Google Chrome 'WebKit' Multiple Vulnerabilities (Windows) - June 10

Information

Severity

Severity

Critical

Family

Family

General

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

5 years ago

Summary

This host is installed with Google Chrome and is prone to multiple vulnerabilities.

Insight

Insight

The flaws are due to: - Error in 'toAlphabetic' function in 'rendering/RenderListMarker.cpp' in WebCore in WebKit. - Error in 'page/Geolocation.cpp' which does stop timers associated with geolocation upon deletion of a document. - Memory corruption in 'font' handling. - Error in 'editing/markup.cpp' which fails to validate input passed to 'innerHTML' property of textarea. - Error in 'third_party/WebKit/WebCore/dom/Element.cpp' in 'Element::normalizeAttributes()' resulting in DOM mutation events being fired. - 'Clipboard::DispatchObject' function which does not properly handle 'CBF_SMBITMAP objects' in a 'ViewHostMsg_ClipboardWriteObjectsAsync' message which lead to illegal memory accesses and arbitrary execution related to 'Type Confusion' issue. - Error in 'rendering/FixedTableLayout.cpp' which leads to denial of service - 'Cross-origin bypass' in DOM methods' - Error in 'page/EventHandler.cpp' causes Cross-origin keystroke redirection.

Affected Software

Affected Software

Google Chrome version prior to 5.0.375.70 on Windows

Solution

Solution

Upgrade to Google Chrome version 5.0.375.70 or later.