5 matches found
Mageia: Security Advisory (MGASA-2016-0116)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Safari Multiple Vulnerabilities-01 (Sep 2015) - Mac OS X
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
Apple Safari SOP bypass (CVE-2015-3753)
Damien Antipa and me love browser security. Hence we always keep up to date on what is going on this field. Few months ago Christian Schneider blogged about Chrome SOP Bypass with SVG. We decided to poke some other browser using the same technique and the outcome was CVE-2015-3753. The SOP-bypass...
CVE-2015-3753
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive image data by leveraging a...
CVE-2015-3753
CVE-2015-3753 affects WebKit used in Apple Safari (before 6.2.8, before 7.1.8 for 7.x, and before 8.0.8 for 8.x; on iOS prior to 8.4.1). The root cause is improper taint checking for CANVAS elements, which could allow remote attackers to bypass the Same Origin Policy and exfiltrate sensitive imag...