The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions policies.

The vulnerability of the Blink component in Google Chrome’s browser is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions by manipulating the FrameLoader.cpp and LocalFrame.cpp files...

The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions policies.

The vulnerability of the FrameLoader::startLoad function WebKit/Source/core/loader/FrameLoader.cpp in the Google Chrome browser’s Blink component is related to the lack of control over frame navigation during interrupt operations of the DocumentLoader. Exploiting this vulnerability could allow a...

Google Chrome FrameLoader::startLoad Same Origin Policy Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. In versions of Google Chrome prior to 51.0.2704.79, the Blink/WebKit/Source/core/loader/FrameLoader.cpp/FrameLoader::startLoad function fails to prevent frame navigation in the DocumentLoader separation operation. A same-origin policy bypa...

UBUNTU-CVE-2016-1697

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScrip...

CVE-2016-1697

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScrip...

CVE-2016-1675

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp...

UBUNTU-CVE-2016-1675

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp...

Graphite2 - GlyphCache::Loader Heap Overreads

Graphite2 - GlyphCache::Loader Heap Overreads Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=751 The following crashes due to two different heap-based buffer overreads can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the...

Graphite2 - GlyphCache::Loader Heap Based Overreads

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=751 The following crashes due to two different heap-based buffer overreads can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with...

Graphite2 - GlyphCache::Loader Heap Overreads

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=751 The following crashes due to two different heap-based buffer overreads can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest /path/to/fil...

UBUNTU-CVE-2015-8866

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxmldisableentityloader changes in other threads, which allows remote attackers to conduct XML External Entity XXE and XML Entity Expansion XEE attacks via a crafted XML...

EhTrace - Tool for Tracing Execution of Binaries on Windows

Eh'Trace pronounced ATrace is a binary tracing tool for Windows. Implemented in C but has some interesting properties that may make it suitable for tracing binaries when other methods are not sufficient, in particular EhTrace does not require changes to a binary to enable traces, despite being ab...

Security update for Chromium (important)

Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...

Security update for Chromium (important)

Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...

DEBIAN-CVE-2016-3994

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service application crash or obtain sensitive information via a crafted image, which triggers an out-of-bounds read...

CVE-2016-3994

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service application crash or obtain sensitive information via a crafted image, which triggers an out-of-bounds read...

Out-of-bounds

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service application crash or obtain sensitive information via a crafted image, which triggers an out-of-bounds read...

CVE-2016-3994

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service application crash or obtain sensitive information via a crafted image, which triggers an out-of-bounds read...

CVE-2016-3994

The CVE-2016-3994 issue affects the GIF loader in imlib2 up to version 1.4.9, caused by an out-of-bounds read that can lead to a denial of service (application crash) or exposure of sensitive information. A fix is available in upstream imlib2 1.4.9 and related security updates (e.g., Ubuntu/Fedor...

CVE-2016-3994

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service application crash or obtain sensitive information via a crafted image, which triggers an out-of-bounds read...