55 matches found
Design/Logic Flaw
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...
CVE-2016-5127
CVE-2016-5127 is a use-after-free vulnerability in Blink’s editing path (WebKit/Blink) affecting Google Chrome prior to 52.0.2743.82. The issue arises in WebKit/Source/core/editing/VisibleUnits.cpp and can be triggered by crafted JavaScript using an @import at-rule in a CSS token sequence with re...
CVE-2016-5127
Removed by vendor...
CVE-2016-5127
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...
CVE-2016-5127
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...
webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...
CVE-2010-3829
CVE-2010-3829 is a WebKit vulnerability described for WebKit in Apple iOS prior to 4.2, where processing of an HTML LINK element with DNS prefetching could bypass the remote image loading setting in Mail. The issue allows remote attackers to bypass access restrictions via a LINK element used for ...
CVE-2010-3829
WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to...
UBUNTU-CVE-2010-3813
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...
CVE-2010-0648
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
Apple Safari Multiple Vulnerabilities
This host is installed with Apple Safari Web Browser and is prone to to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplesafarimultvulnjan10.nasl 7174 2017-09-18 11:48:08Z asteins $ Apple Safari Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...
CVE-2010-0314
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value...
CVE-2010-0314
The connected SSV entry (SSV:19008) documents CVE-2010-0314 as a redirect-target disclosure in Apple Safari: if a site URL is placed in the HREF of a stylesheet LINK element, a user’s session can read document.styleSheets[0].href to reveal the redirect URL. It notes Safari 4.0.4 and describes the...
CVE-2010-0314
Removed by vendor...
http-favicon NSE Script
Gets the favicon "favorites icon" from a web page and matches it against a database of the icons of known web applications. If there is a match, the name of the application is printed; otherwise the MD5 hash of the icon data is printed. If the script argument favicon.uri is given, that relative U...