553 matches found
CVE-2015-6774
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that...
CVE-2015-6764
CVE-2015-6764 is an out-of-bounds read in Google V8’s BasicJsonStringifier::SerializeJSArray used by Chrome up to version 47.0.2526.73. The issue allows remote denial-of-service or other impact via crafted JavaScript; Debian advisory confirms the flaw and provides fixed package version 47.0.2526....
CVE-2015-6764
The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have...
CVE-2015-6771
js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted JavaScript code...
v8: unspecified out-of-bounds access vulnerability
The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have...
chromium-browser: Use-after-free in Extensions
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that...
CVE-2015-6045
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted JavaScript that improperly interacts with use of the Cascading Style Sheets CSS...
Mozilla Firefox Address Bar Forgery Vulnerability (CNVD-2015-07429)
Mozilla Firefox is an open source web browser. Mozilla Firefox does not ensure that the address bar is restored when exiting fullscreen-mode, allowing remote attackers to spoof the address bar with specially crafted JavaScript code...
CVE-2015-7189
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...
CVE-2015-7185
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code...
Race condition
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...
CVE-2015-7189
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...
Mozilla: Buffer overflow during image interactions in canvas (MFSA 2015-123)
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...
UBUNTU-CVE-2015-7197
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code...
CVE-2015-7189
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...
CVE-2015-6755
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...
UBUNTU-CVE-2015-6755
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4509: Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to execute arbitrary code via crafte...
CVE-2015-4519
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element...
Design/Logic Flaw
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element...