Google.Chrome.Flash.plugin.Transparent.Object.Clickjacking
Description
This indicates an attack attempt against a Clickjacking vulnerability in Google Chrome.
The vulnerability is caused by an error when the vulnerable software handles a malformed html with Cascading Style Sheets (CSS) opacity property. It allows a remote attacker to trick the user into pressing the "Allow" button in the Flash Player settings window via a crafted web page.
Affected Products
Google Chrome before 27.0.1453.116
Impact
Information Disclosure: Remote attacker can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://googlechromereleases.blogspot.ca/2013/06/stable-channel-update-for-chrome-os.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |