Design/Logic Flaw

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...

CVE-2015-1228

CVE-2015-1228 affects Google Chrome (Blink) before 41.0.2272.76. The vulnerability is caused by RenderCounter::updateCounter not forcing a relayout and not initializing memory for a data structure, which can be triggered by a crafted CSS token sequence. The result is a denial of service (applicat...

CVE-2015-1228

Removed by vendor...

Google Chrome CSS Token Sequence Denial of Service Vulnerability

Google Chrome is a popular WEB browser. The 'RenderCounter::updateCounter' function in the core/rendering/RenderCounter.cpp file in Blink used by Google Chrome has a security vulnerability due to the program's failure to Because the program fails to enforce relayout operations and fails to proper...

UBUNTU-CVE-2015-1228

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...

CVE-2015-1228

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...

WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...

KLA10463 Multiple vulnerabilities in Google Chrome

Multiple critical vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or inject arbitrary code. Below is a complete list of vulnerabilities 1. Name conflict can be exploited remotely via a...

FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)

The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...

PNMsoft Sequence Kinetics Information Disclosure Vulnerability

PNMsoft Sequence Kinetics is a suite of intelligent workflow applications from PNMsoft that can organize modeling, design, and execution.Form Controls CSS is one of the control form CSS files. A security vulnerability exists in the Form Controls CSS file in PNMsoft Sequence Kinetics 7.5 and earli...

Out-of-bounds

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

CVE-2015-0826

CVE-2015-0826 accuracy: The vulnerability affects Mozilla Firefox before 36.0, where nsTransformedTextRun::SetCapitalization can be triggered by a crafted CSS token sequence during restyle or reflow. The underlying issue is an out-of-bounds read of heap memory, enabling remote code execution or a...

CVE-2015-0826

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

CVE-2015-0826

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

UBUNTU-CVE-2015-0826

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

Buffer overflow during CSS restyling — Mozilla

Security researcher Atte Kettunen used the Address Sanitizer tool to discover an out-of-bounds read during the application of restyling and reflowing changes of web content using CSS. This results in a potentially exploitable crash...

CVE-2014-6304

The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors...

CVE-2014-6304

CVE-2014-6304 affects PNMsoft Sequence Kinetics—the Form Controls CSS file—where information disclosure enables remote attackers to obtain sensitive source-code information. Public entries indicate impact for Sequence Kinetics versions up to 7.6 (CNVD reference cites 7.5 and earlier; NVD notes vu...

CVE-2014-6304

The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors...

[SECURITY] Fedora 20 Update: rubygem-sprockets-2.8.2-5.fc20

Sprockets is a Rack-based asset packaging system that concatenates and serv es JavaScript, CoffeeScript, CSS, LESS, Sass, and SCSS...