11 matches found
SUSE CVE-2014-1701
The GenerateFunction function in bindings/scripts/codegeneratorv8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS UXSS attacks via...
Fedora 20 : firefox-34.0-1.fc20 / thunderbird-31.3.0-1.fc20 (2014-16259)
New Firefox release - 34.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
openSUSE Security Update : chromium (openSUSE-SU-2014:0501-1)
Chromium was updated to the 33.0.1750.152 stable channel uodate : - Security fixes : - CVE-2014-1713: Use-after-free in Blink bindings - CVE-2014-1714: Windows clipboard vulnerability - CVE-2014-1705: Memory corruption in V8 - CVE-2014-1715: Directory traversal issue Previous stable channel updat...
openSUSE: Security Advisory for chromium (openSUSE-SU-2014:0501-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2883-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2883-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 23, 2014 http://www.debian.org/security/faq -...
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2014-1701
The CVE-2014-1701 issue affects Blink in Google Chrome prior to 33.0.1750.149. The root cause is a missing cross-origin restriction in GenerateFunction (bindings/scripts/code_generator_v8.pm) for EventTarget::dispatchEvent, enabling Universal XSS via events. Public references in Debian/openSUSE a...
FreeBSD : www/chromium --multiple vulnerabilities (24cefa4b-a940-11e3-91f2-00262d5ed8ee)
Google Chrome Releases reports : 7 vulnerabilities fixed in this release, including : - 344881 High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva. - 342618 High CVE-2014-1701: UXSS in events. Credit to aidanhs. - 333058 High CVE-2014-1702: Use-after-free in web database. Cred...
Google Chrome < 33.0.1750.149 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.149. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'speech' and 'web database' processing. CVE-2014-1700, CVE-2014-1702 - An input validation error...
Stable Channel Update
The Stable Channel has been updated to 33.0.1750.149 for Windows, Mac, and Linux. This release also contains a Flash Player update, to version 12.0.0.77. Security Fixes and Rewards This update includes 7 security fixes. Below, we highlight fixes that were either contributed by external researcher...