9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.037 Low
EPSS
Percentile
91.8%
The version of Google Chrome installed on the remote host is earlier than 1.0.154.64. Such versions are reportedly affected by multiple vulnerabilities :
A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. (CVE-2009-1441)
A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and possibly allow an attacker to execute arbitrary code inside the (sandboxed) renderer process. (CVE-2009-1442)
Binary data 5020.pasl