SUSE CVE-2010-1236

The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting...

[FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FLOCK-SA-2010-03 http://flock.com/security/ Title: javascript: url with a leading NULL byte can bypass cross origin protection XSS Impact: High Announced on: 2010-09-09 Affected Products: Flock 3 versions prior to 3.0.0.4112 CVEs cve.mitre.org:...

Google Chrome Multiple Vulnerabilities (win)

This host is installed with Google Chrome Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnapr10.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome Multiple Vulnerabilities win Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...

CVE-2010-1236

CVE-2010-1236 affects WebKit’s WebCore component (protocolIs in platform/KURLGoogle.cpp). The issue is improper handling of leading whitespace in a URL, enabling cross-site scripting via crafted javascript: URLs. Affects Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112. T...

CVE-2010-1236

Removed by vendor...

CVE-2010-1236

The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting...