553 matches found
chromium: multiple security fixes in Chrome 38.0.2125.101
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
CVE-2014-3190
Use-after-free vulnerability in the Event::currentTarget function in core/events/Event.cpp in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JavaScript code that...
CVE-2014-3195
Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive...
CVE-2014-3190
Removed by vendor...
CVE-2014-3195
Removed by vendor...
CVE-2014-3191
Removed by vendor...
CVE-2014-3191
CVE-2014-3191 is a use-after-free vulnerability in Blink used by Google Chrome prior to 38.0.2125.101. It arises from widget-position update interactions with the render tree, specifically in FrameView.cpp (FrameView::updateLayoutAndStyleForPainting) and RenderLayerScrollableArea.cpp (RenderLayer...
CVE-2014-3191
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
CVE-2014-3191
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
ALPINE-CVE-2014-7204
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...
Code injection
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...
CVE-2014-5318
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...
UBUNTU-CVE-2014-1561
Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during 1 page, 2 panel, or 3 toolbar customization...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function...
CVE-2014-1743
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
UBUNTU-CVE-2014-1743
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
CVE-2014-1524
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2014-1527
CVE-2014-1527 affects Mozilla Firefox for Android (Android builds, e.g., Firefox 28.x and earlier; NVD references Firefox before 29.0 on Android). The vulnerability allows remote attackers to spoof the address bar by crafting JavaScript that uses DOM events to prevent reappearance of the real add...
Mozilla: Buffer overflow when using non-XBL object as XBL (MFSA 2014-38)
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2014-1524
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of...