The host is installed with Google Chrome before 35.0.1916.114 and is prone to an UI spoofing vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to spoof the UI by extending scrollbar painting into the parent frame.