9802 matches found
CVE-2010-2300
Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...
CVE-2010-2296
The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...
Memory corruption
Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...
Information disclosure
The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...
Design/Logic Flaw
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...
CVE-2010-2300
Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...
CVE-2010-2302
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...
CVE-2010-2296
Google Chrome before 5.0.375.70 is affected by CVE-2010-2296 due to the implementation of unspecified DOM methods that can bypass the Same Origin Policy via unknown vectors. The vulnerability enables remote attackers to circumvent SOP, with impact described as complete confidentiality/integrity/a...
CVE-2010-2302
CVE-2010-2302 is a use-after-free in WebKit’s WebCore affecting Google Chrome prior to 5.0.375.70. The flaw involves remote fonts used with shadow DOM trees and can cause memory corruption, leading to a denial of service or potential arbitrary code execution. Affected component: WebKit/WebCore in...
CVE-2010-2300
CVE-2010-2300 is a use-after-free vulnerability in WebKit’s WebCore (Element::normalizeAttributes in dom/Element.cpp) affecting Google Chrome builds prior to 5.0.375.70. The issue can lead to remote code execution or memory corruption via DOM mutation-event handling vectors, per the description. ...
CVE-2010-2300
Removed by vendor...
CVE-2010-2296
Removed by vendor...
CVE-2010-1758
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...
Design/Logic Flaw
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...
CVE-2010-1758
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...
EUVD-2010-1778
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...
CVE-2010-1758
CVE-2010-1758 is a use-after-free vulnerability in WebKit affecting Safari up to version 5.x (Mac OS X 10.5–10.6) and Windows, and WebKit on Mac OS X 10.4. The issue arises from DOM Range handling and can lead to remote code execution or application crashes. Connected documents confirm related We...
CVE-2010-1758
Removed by vendor...
CVE-2010-1414
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...
CVE-2010-1395
Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...