Lucene search
K

13 matches found

Packet Storm
Packet Storm
added 2017/05/25 12:0 a.m.60 views

WebKit HTMLObjectElement::updateWidget Universal XSS

WebKit: UXSS through HTMLObjectElement::updateWidget CVE-2017-2493 When an object element loads a JavaScript URLe.g., javascript:alert1, it checks whether it violate the Same Origin Policy or not. Here's some snippets of the logic. void HTMLObjectElement::updateWidgetCreatePlugins createPlugins...

7.5AI score0.0148EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/05/25 12:0 a.m.36 views

Apple WebKit / Safari 10.0.3(12602.4.8) - 'Editor::Command::execute' Universal Cross-Site Scripting

document-updateLayoutIgnorePendingStylesheets; return mcommand-executemframe, triggeringEvent, msource, parameter; This method is invoked under an |EventQueueScope|. But |updateLayoutIgnorePendingStylesheets| invokes |MediaQueryMatcher::styleResolverChanged| that directly calls |handleEvent| not...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/04/12 12:0 a.m.126 views

Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting Expl

Exploit for multiple platform in category web applications URL scriptURL; URL url; if protocolIsJavaScripturlString scriptURL = completeURLurlString; // completeURL encodes the URL. url = blankURL; else url = completeURLurlString; if shouldConvertInvalidURLsToBlank && !url.isValid url = blankURL;...

4.3CVSS7.7AI score0.04314EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/04/11 12:0 a.m.33 views

Apple WebKit / Safari 10.0.3 (12602.4.8) - Universal Cross-Site Scripting via a Focus Event and a Link Element

child = mfirstChild removeBetweennullptr, child-nextSibling, child; notifyChildNodeRemovedthis, child; If the location hash value is set, the page will give focus to the associated element. However, if there is a stylesheet that has not been loaded yet, the focusing will be delayed until the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/11 12:0 a.m.22 views

Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting

URL scriptURL; URL url; if protocolIsJavaScripturlString scriptURL = completeURLurlString; // completeURL encodes the URL. url = blankURL; else url = completeURLurlString; if shouldConvertInvalidURLsToBlank && !url.isValid url = blankURL; Frame frame = loadOrRedirectSubframeownerElement, url,...

7AI score
Exploits0
seebug.org
seebug.org
added 2017/04/07 12:0 a.m.40 views

WebKit: UXSS via a synchronous page load(CVE-2017-2480)

Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed. bool SubframeLoader::requestFrameHTMLFrameOwnerElement& ownerElement, const String& urlString, const AtomicString& frameName, LockHistory lockHistory, LockBackForwardList...

4.3CVSS7.6AI score0.04314EPSS
Exploits3
seebug.org
seebug.org
added 2017/04/05 12:0 a.m.33 views

WebKit: table use-after-free(CVE-2017-2471)

There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.3 on Mac. PoC: -webkit-border-image: urlfoo 1 5 1 63 repeat; -webkit-flow-into: foo function eventhandler var a;...

6.8CVSS8.1AI score0.08511EPSS
Exploits3
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.21 views

Apple WebKit - table Use-After-Free

Apple WebKit - table Use-After-Free -webkit-border-image: urlfoo 1 5 1 63 repeat; -webkit-flow-into: foo function eventhandler var a; document.execCommand"selectAll", false; output.slot = "foo"; table.deleteCaption; //trigger garbage collector forvar i=0;i foo !--...

7.4AI score
Exploits0
OSV
OSV
added 2017/02/20 8:59 a.m.3 views

DEBIAN-CVE-2017-2373

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...

8.8CVSS9AI score0.06021EPSS
Exploits4References1
OSV
OSV
added 2017/02/20 8:59 a.m.3 views

DEBIAN-CVE-2017-2355

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute...

8.8CVSS8.5AI score0.02043EPSS
Exploits0References1
Prion
Prion
added 2017/02/20 8:59 a.m.22 views

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted...

4.3CVSS5.7AI score0.018EPSS
Exploits0References6Affected Software4
Apple
Apple
added 2017/01/23 12:0 a.m.47 views

About the security content of Safari 10.0.3

About the security content of Safari 10.0.3 This document describes the security content of Safari 10.0.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

8.8CVSS0.1AI score0.07043EPSS
Exploits19References1Affected Software1
Apple
Apple
added 2017/01/23 12:0 a.m.104 views

About the security content of macOS Sierra 10.12.3

About the security content of macOS Sierra 10.12.3 This document describes the security content of macOS Sierra 10.12.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

9.8CVSS1.1AI score0.25314EPSS
Exploits8References1Affected Software1
Rows per page
Query Builder