47 matches found
CVE-2019-11762
A flaw was found in Mozilla's firefox and thunderbird where if two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This could cause an interaction between two...
DEBIAN-CVE-2019-11762
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
Cross site scripting
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11762
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11762
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11762
The CVE-2019-11762 issue is a cross-origin origin isolation bug where two same-origin documents setting document.domain differently could allow calling arbitrary DOM methods/getters/setters on the now-cross-origin window. Affected products include Firefox (<70) and Firefox ESR (<68.2), and ...
CVE-2019-11762
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
Mozilla: document.domain-based origin isolation has same-origin-property violation
A flaw was found in Mozilla's firefox and thunderbird where if two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This could cause an interaction between two...
Mozilla: document.domain-based origin isolation has same-origin-property violation
A flaw was found in Mozilla's firefox and thunderbird where if two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This could cause an interaction between two...
Information Disclosure
mozilla firefox is vulnerable to information disclosure. When two same-origin documents set document.domain differently to become a cross-origin, it is possible to call arbitrary DOM methods/getters/setters on the now-cross-origin window...
CVE-2019-11762
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
Design/Logic Flaw
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...
CVE-2014-1526
Summary : CVE-2014-1526 affects Mozilla Firefox up to 29.0 (and SeaMonkey up to 2.26). The XrayWrapper implementation could be abused by a user via a crafted site visited in a debugger to bypass access restrictions, causing unwrapping operations and calls to DOM methods on unwrapped objects. This...
CVE-2014-1526
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...
CVE-2010-2296
The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...
Information disclosure
The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...
CVE-2010-2296
Google Chrome before 5.0.375.70 is affected by CVE-2010-2296 due to the implementation of unspecified DOM methods that can bypass the Same Origin Policy via unknown vectors. The vulnerability enables remote attackers to circumvent SOP, with impact described as complete confidentiality/integrity/a...
Google Chrome < 5.0.375.70 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 5.0.375.70. As such, it is reportedly affected by multiple vulnerabilities : - A cross-origin keystroke redirection vulnerability. Issue 15766 - A cross-origin bypass in DOM methods. Issue 39985 - A memory error exists in...
Google Chrome < 5.0.375.70 Multiple Vulnerabilities
Binary data 5567.pasl...
Google Chrome < 5.0.375.70 Multiple Vulnerabilities
Binary data 800928.prm...