Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:0249-1 Rating: important References: 1122983 1125330 Cross-References: CVE-2016-5824 CVE-2018-12405 CVE-2018-17466 CVE-2018-18335 CVE-2018-18356 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494...

Facebook Graph OpenSearch Phone Number Metadata Crosswalk Mapping

!/usr/bin/perl Facebook 'Graph' OpenSearch Phone Number metadata crosswalk mapping PoC 2018 Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Description: Criminal hacker CRACKER can take advantage of this weakness by creating a specialized database to manipulate...

Fedora 23 : mediawiki-1.25.2-2.fc23 (2015-13920)

T94116 SECURITY: Compare API watchlist token in constant time T97391 SECURITY: Escape error message strings in thumb.php T106893 SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions T102562 Fix InstantCommons parameters to handle the new HTTPS-only policy of Wikimedia...

The vulnerability of Google Chrome browser allows a malicious intruder to gain access to local files.

The vulnerability in the Google Chrome browser’s SearchEngineTabHelper::OnPageHasOSDD function exists due to the ability to use file:URL as an XML document containing OpenSearch descriptors. As a result of exploiting this vulnerability, a remote attacker can gain access to local files through a...

FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)

Google Chrome Releases reports : 45 new security fixes, including : - 456518 High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous. - 313939 Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo. - 461191 High CVE-2015-1237: Use-after-free in IPC. Credit ...

[SECURITY] [DSA 3238-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...

DSA-3238-1 chromium-browser - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3238-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated chromium-browser-stable packages fix security vulnerabilities

Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser CVE-2015-1235, a cross-origin-bypass in Blink CVE-2015-1236, a use-after-free in IPC CVE-2015-1237, an out-of-bounds write in Skia CVE-2015-1238, an out-of-bounds read in WebGL...

Google Chrome 'SearchEngineTabHelper::OnPageHasOSDD' Information Disclosure Vulnerability

Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the 'SearchEngineTabHelper:: OnPageHasOSDD' function in the browser/ui/searchengines/searchenginetabhelper.cc file in Google Chrome versions prior to 42.0.2311.90, which originates from a failure to...

CVE-2015-1247

The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...

CVE-2015-1247

The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...

Code injection

The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...

CVE-2015-1247

The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...

CVE-2015-1247

The CVE-2015-1247 issue affects Google Chrome’s OpenSearch handling: the SearchEngineTabHelper::OnPageHasOSDD function did not sanitize file: URLs in OpenSearch descriptor XML, potentially allowing a remote site to read local files via a crafted http/https page. Affected: Chrome before 42.0.2311....

chromium: multiple issues

CVE-2015-1235 cross-origin bypass A vulnerability was discovered that allows cross-origin-bypass in the HTML parser. - CVE-2015-1236 cross-origin bypass A vulnerability was discovered that allows cross-origin-bypass in the rendering engine Blink. - CVE-2015-1237 arbitrary code execution An...

chromium-browser: Scheme issues in OpenSearch

The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...

Fedora 13 : mediawiki-1.16.4-58.fc13 (2011-5807)

This update brings mediawiki to version 1.16.4, which is the latest stable release at the moment, but currently also the only supported and recommended release by the mediawiki developer community. Further changes : - some simple wiki management functionality was added : - mw-createinstance creat...

Fedora 14 : mediawiki-1.16.4-58.fc14 (2011-5812)

This update brings mediawiki to version 1.16.4, which is the latest stable release at the moment, but currently also the only supported and recommended release by the mediawiki developer community. Further changes : - some simple wiki management functionality was added : - mw-createinstance creat...

Fedora 15 : mediawiki-1.16.4-58.fc15 (2011-5848)

This update brings mediawiki to version 1.16.4, which is the latest stable release at the moment, but currently also the only supported and recommended release by the mediawiki developer community. Further changes : - some simple wiki management functionality was added : - mw-createinstance creat...