9 matches found
EUVD-2015-7139
Malware in sbrugna...
Design/Logic Flaw
Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a...
CVE-2015-7207
Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a...
RHEL 6 : chromium-browser (RHSA-2015:1712)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:1712 advisory. Chromium is an open-source web browser, powered by WebKit Blink. Several flaws were found in the processing of malformed web content. A web...
[USN-2735-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2735-1 September 08, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Ubuntu: Security Advisory (USN-2735-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome Multiple Vulnerabilities-01 (Sep 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2015-1300
CVE-2015-1300 affects Blink (Chrome’s rendering engine): FrameFetchContext::updateTimingInfoForIFrameNavigation does not properly restrict IFRAME Resource Timing API times, enabling a remote attacker to glean sensitive info via crafted JavaScript using history.back. Affects Chrome before 45.0.245...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 29 security fixes in this release, including: 516377 High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous. 522791 High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski. 524074 High CVE-2015-1293: Cross-origin bypass in...