9 matches found
Chrome Universal XSS using navigator.serviceWorker.ready (CVE-2015-1292)
VULNERABILITY DETAILS From /WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp: ScriptPromise ServiceWorkerContainer::readyScriptState callerState if !executionContext return ScriptPromise; ... if !mready mready = createReadyProperty; if mprovider mprovider-getRegistrationForReadynew...
RHEL 6 : chromium-browser (RHSA-2015:1712)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:1712 advisory. Chromium is an open-source web browser, powered by WebKit Blink. Several flaws were found in the processing of malformed web content. A web...
[USN-2735-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2735-1 September 08, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Ubuntu: Security Advisory (USN-2735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome Multiple Vulnerabilities-01 (Sep 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2015-1292
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker...
CVE-2015-1292
CVE-2015-1292 is a concrete Chrome/Blink vulnerability. The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp allowed a remote attacker to bypass the Same Origin Policy by accessing a Service Worker, as part of Chrome before 45.0.2454.85. Public d...
CVE-2015-1292
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 29 security fixes in this release, including: 516377 High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous. 522791 High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski. 524074 High CVE-2015-1293: Cross-origin bypass in...