7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.5%
The remote host has Google Chrome browser installed. Versions of Google Chrome prior to 31.0.1650.63 are affected by multiple vulnerabilites, some of which include the following:
Use-after-free in editing (CVE-2013-6635)
Out-of-bounds read/write operations and a buffer overflow vulnerability in the Chrome v8 engine, which have been fixed in version 3.22.24.7, included in the updated version of Chrome (CVE-2013-6638, CVE-2013-6639, CVE-2013-6640)
Address bar spoofing that can be triggered via modal dialogs (CVE-2013-6636)
Session fixation attack via 302 redirects in one-click sign-in flow and gaia HTTP headers, which can allow a context-dependent attacker to hijack the user session. (CVE-2013-6634)
Binary data 8063.pasl