The host is installed with Google Chrome before 32.0.1700.77 and is prone to unspecified security vulnerability. A flaw is present in the application, which fails to handle the closing of an untrusted signin confirm dialog. Successful exploitation allows attackers to trigger a sync with an arbitrary Google account.