9 matches found
SUSE CVE-2015-1293
The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
Chrome Universal XSS by loading a javascript: URI from an unloaded window (CVE-2015-1293)
VULNERABILITY DETAILS From /WebKit/Source/core/frame/DOMWindow.cpp: bool DOMWindow::isInsecureScriptAccessLocalDOMWindow& callingWindow, const String& urlString if !protocolIsJavaScripturlString return false; // If this DOMWindow isn't currently active in the Frame, then there's no // way we shou...
RHEL 6 : chromium-browser (RHSA-2015:1712)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:1712 advisory. Chromium is an open-source web browser, powered by WebKit Blink. Several flaws were found in the processing of malformed web content. A web...
[USN-2735-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2735-1 September 08, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Ubuntu: Security Advisory (USN-2735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome Multiple Vulnerabilities-01 (Sep 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2015-1293
CVE-2015-1293: In Blink’s DOM implementation used by Google Chrome prior to 45.0.2454.85, remote attackers could bypass the Same Origin Policy through unspecified vectors. The issue is a DOM-related cross-origin bypass in Chrome/Chromium, addressed by Chrome 45.0.2454.85, with related advisories ...
CVE-2015-1293
The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 29 security fixes in this release, including: 516377 High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous. 522791 High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski. 524074 High CVE-2015-1293: Cross-origin bypass in...