3 matches found
CVE-2013-2835
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834...
NextGEN Gallery 2.0.0 Directory Traversal
https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/ Details ================ Software: NextGEN Gallery Version: 2.0.0 Homepage: http://wordpress.org/plugins/nextgen-gallery/ CVSS: 5 Medium; AV:N/AC:L/Au:N/C:P/I:N/A:N Description ================ Directory traversal i...
CVE-2013-2835
CVE-2013-2835 : Google Chrome OS prior to 26.0.1410.57 contains an origin restriction bypass in the O3D and Google Talk plug-ins, allowing remote attackers to bypass the domain-whitelist protection via a crafted website. Affected product/version: Google Chrome OS