14 matches found
Astra Linux - уязвимость в firefox
The SVG element could have been used to load unexpected content that might execute scripts under certain circumstances. Although the specification appears to allow this, other browsers do not do so. Web developers relied on this property for script security, so Gecko’s implementation was aligned...
SUSE CVE-2010-1403
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service application cra...
SUSE CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
The vulnerability in the implementation of the SVG <use> element in the Mozilla Firefox browser allows a malicious actor to execute arbitrary JavaScript code.
The vulnerability of the SVG element implementation in Mozilla Firefox is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
UBUNTU-CVE-2022-28284
SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with...
Mozilla Firefox 安全特征问题漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security feature issue vulnerability exists in Mozilla Firefox versions 92.0 through 98.0.2, which stems from an error that allows the element of SVG to load unexpected content and execute it under...
CVE-2019-18856
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled...
Google Chrome Multiple Vulnerabilities (Windows) - June 11
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwinjun11.nasl 7019 2017-08-29 11:51:27Z teissa $ Google Chrome Multiple Vulnerabilities Windows - June 11 Authors: Madhuri D Copyright: Copyright c 2011...
Google Chrome Multiple Vulnerabilities (Jun 2011) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stable Channel Update
The Chrome Stable channel has been updated to 12.0.742.112 for all platforms. This release contains an updated version of Adobe Flash, along with the security fixes noted below. Security fixes and rewards: Please see the Chromium security page for more detail. Note that the referenced bugs may be...
WebKit: multiple vulnerabilities in WebKitGTK
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service application crash via a 1 font-fac...
Null pointer dereference
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...
Google Chrome < 7.0.517.44 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 7.0.517.44. Such versions are reportedly affected by multiple vulnerabilities : - A use-after-free error exists in text editing. Issue 51602 - A memory corruption error exists relating to enormous text area. Issue 55257 - A...