DEBIAN-CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

UBUNTU-CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Design/Logic Flaw

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-2611

CVE-2022-2611 : Concrete details across connected sources show an issue in the Fullscreen API in Google Chrome/Chromium where, on Android prior to 104.0.5112.79, a crafted HTML page can cause the Omnibox (URL bar) to be spoofed by a remote attacker. The affected software is Google Chrome (Android...

CVE-2022-2611

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10086-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...

Spoofing Attack

chromium is vulnerable to spoofing attacks. The vulnerability exist due to an inappropriate implementation in Fullscreen API allowing a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...

Microsoft Edge (Chromium) < 104.0.1293.47 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 104.0.1293.47. It is, therefore, affected by multiple vulnerabilities as referenced in the August 5, 2022 advisory. - Use after free in Omnibox. CVE-2022-2603 - Use after free in Safe Browsing. CVE-2022-2604 - Out of...

Updated chromium-browser-stable packages fix security vulnerability

1325699 High CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous on 2022-05-16 1335316 High CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang@eternalsakura13 and Guang Gong of 360 Alpha Lab on 2022-06-10 1338470 High CVE-2022-2605: Out of bounds read in Dawn. Report...

Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

FreeBSD : chromium -- multiple vulnerabilities (96a41723-133a-11ed-be3b-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 96a41723-133a-11ed-be3b-3065ec8fd3ec advisory. - Use after free in Omnibox. CVE-2022-2603 - Use after free in Safe Browsing. CVE-2022-2604 -...

KLA12600 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Out of boun...

Advance Phishing Attacks using HTML5 Fullscreen API

Do your ever use YouTube Instant Search engine a really fast way to search YouTube ? That was developed by a 21 years old developer name - Feross Aboukhadijeh in 2012. Chad Hurley, CEO and co-founder of YouTube, was so impressed that he immediately offered him a job at YouTube. He a web developer...

Proof-of-Concept Exploits HTML5 Fullscreen API for Social Engineering

Independent security researcher, web designer, and Stanford Computer Science student Feross Aboukhadijeh has developed an attack concept that exploits the fullscreen application programming interface in HTML5 in order to carry out phishing attacks. The attack leverages the ‘fullscreen API’ featur...

Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120314)

Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-0461,...

CentOS Update for firefox CESA-2012:0387 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 / 6 : thunderbird (CESA-2012:0388)

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...