SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Google Chrome installed on the remote host is earlier than 17.0.963.83 and is, therefore, affected by the following vulnerabilities :
- An unspecified integer issue exists in libpng.
- An error exists related to the extension web request API that could allow denial of service attacks.
Note this issue was corrected in a previous, unspecified release. (CVE-2011-3049)
- Use-after-free errors exist related to 'first-letter' handling, CSS cross-fade handling and block splitting.
(CVE-2011-3050, CVE-2011-3051, CVE-2011-3053)
- A memory corruption error exists related to WebGL canvas handling. (CVE-2011-3052)
- An error exists related to webui privilege isolation.
- Installation of unpacked extensions does not use the application's native user interface for prompts.
- A cross-origin violation is possible with 'magic iframe'.
SolutionUpgrade to Google Chrome 17.0.963.83 or later.