CVE-2011-3968

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets CSS token sequences...

CVE-2011-3968

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets CSS token sequences...

CVE-2011-3968

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets CSS token sequences...

CVE-2011-3966

Technical details for CVE-2011-3966 are not provided in the connected documents; please monitor for updates.

CVE-2011-3968

Technical details for CVE-2011-3968 are not publicly available in the provided connected documents; monitor for updates.

CVE-2011-3966

Removed by vendor...

CVE-2011-3966

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets CSS token-sequence data...

Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)

The latest version of Firefox and Thunderbird have the following changes : - Added Type Inference, significantly improving JavaScript performance - Added support for querying Do Not Track status via JavaScript - Added support for font-stretch - Improved support for text-overflow - Improved...

Microsoft Anti-XSS Library Bypass (MS12-007)

Introduction ------------- Microsoft Anti-XSS Library is used to protect applications from Cross-Site Scripting attacks, by providing methods for input sanitization. Vulnerability ------------- Microsoft Anti-XSS Library 3.0 and 4.0 are vulnerable to an attack in which an attacker is able to crea...

Microsoft Anti-XSS Library Bypass

No description provided by source. Microsoft Anti-XSS Library is used to protect applications from Cross-Site Scripting attacks, by providing methods for input sanitization. Vulnerability ------------- Microsoft Anti-XSS Library 3.0 and 4.0 are vulnerable to an attack in which an attacker is able...

Microsoft Anti-XSS Library Bypass

Introduction ------------- Microsoft Anti-XSS Library is used to protect applications from Cross-Site Scripting attacks, by providing methods for input sanitization. Vulnerability ------------- Microsoft Anti-XSS Library 3.0 and 4.0 are vulnerable to an attack in which an attacker is able to crea...

SA-CONTRIB-2013-004 - Live CSS - Arbitrary Code Execution

This module enables you to save CSS and LESS files on the server via your browser. The module doesn't check that the file being saved isn't a script or executable. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer CSS". CVE identifiers...

Debian DSA-2366-1 : mediawiki - multiple vulnerabilities

Several problems have been discovered in MediaWiki, a website engine for collaborative work. - CVE-2011-1578 CVE-2011-1587 Masato Kinugawa discovered a cross-site scripting XSS issue, which affects Internet Explorer clients only, and only version 6 and earlier. Web server configuration changes ar...

Cross site scripting

The Microsoft Anti-Cross Site Scripting AntiXSS Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets CSS escaped character, which allows remote attackers to conduct cross-site scripting XSS attacks via HTML input, aka "AntiXSS Library Bypass...

[SECURITY] [DSA 2366-1] mediawiki security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2366-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire December 18, 2011 http://www.debian.org/security/faq -...

Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)

The latest version of Firefox and Thunderbird have the following changes : - Added Type Inference, significantly improving JavaScript performance - Added support for querying Do Not Track status via JavaScript - Added support for font-stretch - Improved support for text-overflow - Improved...

Firefox < 4 CSS Browser History Disclosure Vulnerability

The installed version of Firefox 3 is potentially affected by an information disclosure vulnerability. The JavaScript function 'getComputedStyle', and functions like it, can be used in a timing attack to determine if a browser has visited links on the page. C Tenable Network Security, Inc...

FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)

Google Chrome Releases reports : 81753 Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. 95465 Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team Inferno. 98809 Medium CVE-2011-3906:...

CVE-2011-3909

The Cascading Style Sheets CSS implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service memory corruption via unspecified vectors...

CVE-2011-3909

The Cascading Style Sheets CSS implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service memory corruption via unspecified vectors...