CVE-2014-1883

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed 1 in an IFRAME element or 2 with the XMLHttpRequest...

ASUS Router Multiple Vulnerabilities

The host is running ASUS Router and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodasusroutersmultvuln.nasl 6663 2017-07-11 09:58:05Z teissa $ ASUS Router Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright C 2014 SecPod, http://www.secpod.com This...

Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Multiple Vulnerabilities-02 (Oct 2013) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome < 30.0.1599.101 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 30.0.1599.101. It is, therefore, affected by multiple vulnerabilities : - Use-after-free errors exist related to editing, forms, and XmlHttpRequest XHR. CVE-2013-2925, CVE-2013-2926, CVE-2013-2927 - Various, unspecifi...

CVE-2013-2925

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object...

Design/Logic Flaw

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object...

CVE-2013-2925

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object...

CVE-2013-2925

Removed by vendor...

CVE-2013-2925

CVE-2013-2925 is a use-after-free in Blink’s XMLHttpRequest implementation (XMLHttpRequest.cpp) used by Google Chrome before 30.0.1599.101. Connected openSUSE/Nessus entries indicate this issue was addressed via Chromium updates (e.g., 30.0.1599.101 and later 30.0.1599.114) with multiple patches ...

Debian Security Advisory DSA 2406-1 (icedove - several vulnerabilities)

Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base. CVE-2011-3670Icedove does not not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through ...

Mozilla多个产品不正确XMLHttpRequest调用限制漏洞

CVE ID:CVE-2013-1714 Mozilla Firefox/SeaMonkey/Thunderbird是Mozilla所发布的WEB浏览器/新闻组客户端/邮件客户端 Mozilla Firefox/SeaMonkey/Thunderbird Web Workers实现不正确限制XMLHttpRequest调用，允许远程攻击者利用漏洞绕过同源策略，进行跨站脚本攻击，可获取敏感信息或劫持用户会话 0 Mozilla Firefox 23.0 Mozilla Firefox ESR 17.x Mozilla Thunderbird 17.0.8 Mozilla Thunderbi...

Firefox < 23.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...

Mozilla SeaMonkey Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 17.x is earlier than 17.0.8 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701 - Unspecified errors exist related to HTML frames and history handling,...

Mozilla Thunderbird ESR Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla Thunderbird ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Mozilla: Same-origin bypass with web workers and XMLHttpRequest (MFSA 2013-73)

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy a...

CVE-2013-1714

CVE-2013-1714 concerns Mozilla Firefox and related Mozilla components. The affected products are Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20. Root cause (per the connected MiracleLinux/Nessus entry):...

Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1924-1)

Jeff Gilbert, Henrik Skupin, Ben Turner, Christian Holler, Andrew McCreight, Gary Kwong, Jan Varga and Jesse Ruderman discovered multiple memory safety issues in Firefox. If the user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of...