SUSE CVE-2010-4043

Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document...

chromium-browser: limited cross-origin bypass in serviceworker

WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via...

chromium-browser: use-after-free in Blink

Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...

Apple Saferi multiple vulnerabilities (Mar10)

The host is running Apple Saferi and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Apple Safari multiple vulnerabilities Mar10 Authors: Madhuri D Updated By: Antu Sanadi on 2010-18-2010 Added the CVE and...

Firefox 2 and 3 - Layout engine crashes

The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which...