10 matches found
openSUSE Security Update : Chromium (openSUSE-2015-595)
Chromium was updated to the 45.0.2454.85 of the stable channel to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1291: Cross-origin bypass in DOM - CVE-2015-1292: Cross-origin bypass in ServiceWorker - CVE-2015-1293: Cross-origin bypass in DOM - CVE-2015-1294:...
RHEL 6 : chromium-browser (RHSA-2015:1712)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:1712 advisory. Chromium is an open-source web browser, powered by WebKit Blink. Several flaws were found in the processing of malformed web content. A web...
[USN-2735-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2735-1 September 08, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Ubuntu: Security Advisory (USN-2735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2735-1: Oxide vulnerabilities
It was discovered that the DOM tree could be corrupted during parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or cause a denial of service. CVE-2015-1291 An issue was...
Google Chrome Multiple Vulnerabilities-01 (Sep 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2015-1291
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote attackers to bypass the Same Origin Policy or cause a denial of service DOM tree corruption via a web...
CVE-2015-1291
CVE-2015-1291 is a concrete Chrome/Blink vulnerability: the ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp fails to validate node types, enabling a remote attacker to bypass same-origin policy or trigger a denial of service (DOM tree corruption) through crafted JavaScript...
CVE-2015-1291
Removed by vendor...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 29 security fixes in this release, including: 516377 High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous. 522791 High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski. 524074 High CVE-2015-1293: Cross-origin bypass in...