The host is installed with Google Chrome before 40.0.2214.111 and is prone to a security bypass vulnerability. A flaw is present in V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome, which does not properly consider frame access restrictions during the throwing of an exception. Successful exploitation allows ...