SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 22.214.171.124. Such versions are reportedly affected by several issues :
- Cross-site scripting vulnerabilities in the Adobe Reader Plugin itself could be leveraged using a PDF document to run scripts on arbitrary sites via Google Chrome.
(CVE-2007-0048 and CVE-2007-0045)
- A cross-domain security-bypass vulnerability that could allow an attacker to bypass the same-origin policy and gain access to potentially sensitive information.
- A remote attacker may be able to gain access to the 'Set-Cookie' and 'Set-Cookie2' response headers via XMLHttpRequest calls. (CVE-2009-0411)
SolutionUpgrade to Google Chrome version 126.96.36.199 or later.