The host is installed with Google Chrome before 11.0.696.65 and is prone to an use-after-free vulnerability. A flaw is present in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit, which fails to properly handle a crafted JavaScript code that calls the removeChild method during interaction with a FRAME element. Successful exploitation allows remote ...