136 matches found
Google Chrome memory misreference vulnerability (CNVD-2019-23319)
Chrome is a web browsing tool developed by Google. A post-release reuse vulnerability exists in FileAPI in versions prior to Google Chrome 73.0.3683.75. An attacker can exploit this vulnerability to execute arbitrary code via a crafted HTML page...
PT-2019-13473 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 72.0.3626.81 Description: The issue is related to a use after free in the FileAPI of Google Chrome, which could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. The...
CVE-2018-6109
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
CVE-2018-6109
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
Design/Logic Flaw
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
CVE-2018-6109
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
CVE-2018-6109
Removed by vendor...
CVE-2018-6109
CVE-2018-6109 affects Google Chrome/Chromium: the File API readAsText() could read the user-selected file repeatedly instead of once, allowing data exposure via a crafted HTML page on Chrome versions prior to 66.0.3359.117. Public advisories (e.g., Debian security notices) confirm a fix was relea...
CVE-2018-6109
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
chromium-browser: Incorrect handling of files by FileAPI
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
CVE-2018-6109
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
Maxthon3 about:history XCS Trusted Zone Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Drupal任意文件上传和会话固定漏洞
Bugraq ID: 36431 Drupal是一款开放源码的内容管理平台。 Drupal存在多个安全漏洞,攻击者可以利用漏洞上传任意文件到服务器,劫持任意会话,未授权访问受影响应用程序。 文件API不正确处理使用部分扩展的文件上传,可导致上传的文件被Apache执行。.htaccess保存在Drupal文件目录中可防止上传被执行。只有当服务器配置忽略.htaccess文件中的指令时这些文件才会被执行。 当匿名用户使用单次登录链接用于确认EMAIL地址和重设忘记的密码时Drupal没有重生成会话ID,在部分条件下恶意用户可以修复和重用目标用户的会话ID。 Drupal Drupal 6....
FreeBSD : drupal -- multiple vulnerabilities (bad1b090-a7ca-11de-873f-0030843d3802)
Drupal Team reports : The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to existing accounts...
drupal -- multiple vulnerabilities
Drupal Team reports: The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to existing accounts...
Linux kernel integer types conversion problems.
It's possible to access kernel memory because of inters conversion bug in 64bit file API for example llseek...