The host is installed with Google Chrome before 28.0.1500.71 and is prone to multiple unspecified vulnerabilities. The flaws are present in the application, which does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations. Successful exploitation allows remote attackers to conduct phishing attacks via a crafted web site.