5719 matches found

Jake Archibald's Blog
added 2016/02/02 1:59 p.m. · 10 views

Service workers and base URIs

Previously when we've run into a contentious service worker design issue, we've asked web developers what they think. This has worked out pretty well in the past, with developer feedback directly informing spec changes. It's also great because we can blame y'all if you pick the wrong thing. Well,...

AI score 7.1
Exploits 0
UbuntuCve
added 2016/02/01 11:59 a.m. · 18 views

CVE-2016-1728

The Cascading Style Sheets CSS implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site...

CVSS 4.3 · AI score 6.8 · EPSS 0.00757
Exploits 0 · References 2
CVE
added 2016/02/01 11:00 a.m. · 55 views

CVE-2016-1728

CVE-2016-1728 affects WebKit CSS handling of the a:visited button selector during height processing in Apple iOS before 9.2.1 and Safari before 9.0.3. This privacy issue could allow a remote attacker to ascertain whether a user has visited specific links via a crafted page. The vulnerability is a...

CVSS 4.3 · AI score 5 · EPSS 0.00757
Exploits 0 · References 9 · Affected Software 2
Openbugbounty
added 2016/01/27 8:09 a.m. · 11 views

economictimes.indiatimes.com XSS vulnerability

Vulnerable URL: http://economictimes.indiatimes.com/csslistnew.cms?ver=19--promptString.fromCharCode88,83,83,80,79,83,69,68...

AI score 6.9
Exploits 0
CNVD
added 2016/01/23 12:00 a.m. · 3 views

Apple iOS WebKit Information Disclosure Vulnerability (CNVD-2016-00527)

Apple iOS is Apple's operating system for several smart devices. Apple iOS handles the "a:visited button" CSS selector, which allows an attacker to build a malicious web page and trick the user into parsing it, which can determine whether the user has visited a particular link...

CVSS 4.3 · AI score 8.4 · EPSS 0.00757
Exploits 0 · References 1
ThreatPost
added 2016/01/20 8:53 a.m. · 7 views

January 2016 Apple Security Patches iOS, OS X, Safari

Apple on Tuesday released security patches for iOS, OS X and an update for the Safari browser. The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker wit...

AI score 1.1
Exploits 0 · References 4
Kitploit
added 2016/01/10 8:30 p.m. · 1669 views

Hackazon - A Modern Vulnerable Web App

Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...

AI score 9.8
Exploits 0 · References 2
Fedora
added 2016/01/08 3:37 a.m. · 36 views

[SECURITY] Fedora 22 Update: shellinabox-2.19-1.fc22

Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins...

CVSS 7.4 · AI score 7.5 · EPSS 0.00556
Exploits 0
Fedora
added 2016/01/08 3:33 a.m. · 13 views

[SECURITY] Fedora 22 Update: roundcubemail-1.1.4-2.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

AI score 0.2
Exploits 0
Fedora
added 2016/01/07 8:00 p.m. · 33 views

[SECURITY] Fedora 23 Update: shellinabox-2.19-1.fc23

Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins...

CVSS 7.4 · AI score 7.5 · EPSS 0.00556
Exploits 0
Packet Storm
added 2016/01/07 12:00 a.m. · 102 views

AVM FRITZ!Box: Arbitrary Code Execution Via Firmware Images

Advisory: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially crafted firmware images can overwrite critical files. Arbitrary code can get executed if an attempt is made to install such a manipulated...

CVSS 9.3 · AI score 1.1 · EPSS 0.04543
Exploits 2
Packet Storm
added 2015/11/11 12:00 a.m. · 45 views

Checkpoint Cross Site Scripting

Exploit Title: Checkpoint.com sub-domains Reflected XSS RXSS Date: 12/11/2015 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.checkpoint.com Version: / Category: Reflected Cross Site Scripting Google dork: Tested on: checkpoint.com sub-domains Checkpoint description :...

AI score 7.4
Exploits 0
Zero Day Initiative
added 2015/11/10 12:00 a.m. · 28 views

Microsoft Internet Explorer URLIMGCTX Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

CVSS 6.8 · AI score 6.5 · EPSS 0.1631
Exploits 0 · References 1
Debian
added 2015/10/21 3:08 a.m. · 39 views

[SECURITY] [DSA 3376-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3376-1 [email protected] https://www.debian.org/security/ Michael Gilbert October 20, 2015 https://www.debian.org/security/faq -...

CVSS 7.5 · AI score 10 · EPSS 0.09224
Exploits 4
Tenable Nessus
added 2015/10/21 12:00 a.m. · 86 views

Debian DSA-3376-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-1303 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the DOM implementation. - CVE-2015-1304 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the v8 JavaScript library. -...

CVSS 7.5 · AI score 8.1 · EPSS 0.09224
Exploits 4 · References 24
OSV
added 2015/10/20 12:00 a.m. · 32 views

DSA-3376-1 chromium-browser - security update

Bulletin has no description...

CVSS 7.5 · AI score 9.1 · EPSS 0.09224
Exploits 4
OpenVAS
added 2015/10/20 12:00 a.m. · 37 views

Debian Security Advisory DSA 3376-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1303 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the DOM implementation. CVE-2015-1304 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the v8 javascript library...

CVSS 7.5 · AI score 0.6 · EPSS 0.09224
Exploits 4 · References 1
CNVD
added 2015/10/18 12:00 a.m. · 2 views

Google Chrome Blink Same-Origin Policy Bypass Vulnerability (CNVD-2015-06764)

Google Chrome is an open source WEB browser. Google uses Blink in the Cascading Style Sheets CSS implementation of the core/css/CSSFontFaceSrcValue.cpp file in the 'CSSFontFaceSrcValue::fetch ' function in the core/css/css/CSSFontFaceSrcValue.cpp file contains a security vulnerability that can be...

CVSS 7.5 · AI score 9.1 · EPSS 0.00699
Exploits 0 · References 1
RedHat Linux
added 2015/10/15 9:09 p.m. · 2 views

chromium-browser: CORS bypass in CSS fonts

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

CVSS 7.5 · AI score 7.3 · EPSS 0.00699
Exploits 0 · References 5
NVD
added 2015/10/15 10:59 a.m. · 14 views

CVE-2015-6762

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

CVSS 7.5 · AI score 9 · EPSS 0.00699
Exploits 0 · References 10