The host is installed with Google Chrome before 31.0.1650.63 and is prone to session fixation attacks vulnerability. The flaw is present in the application, which fails to handle the OneClickSigninHelper::ShowInfoBarIfPossible function. Successful exploitation allows the remote attacker to conduct session fixation attacks and hijack web sessions.