Intrusion Prevention

Google.Chrome.Flash.plugin.Transparent.Object.Clickjacking

Description

This indicates an attack attempt against a Clickjacking vulnerability in Google Chrome.
The vulnerability is caused by an error when the vulnerable software handles a malformed html with Cascading Style Sheets (CSS) opacity property. It allows a remote attacker to trick the user into pressing the "Allow" button in the Flash Player settings window via a crafted web page.

Affected Products

Google Chrome before 27.0.1453.116

Impact

Information Disclosure: Remote attacker can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://googlechromereleases.blogspot.ca/2013/06/stable-channel-update-for-chrome-os.html

CVE References

CVE-2013-2866