Chrome Universal XSS using Flash message loop (CVE-2016-1631)

VULNERABILITY DETAILS From /content/renderer/pepper/ppbflashmessageloopimpl. cc: int32t PPBFlashMessageLoopImpl::InternalRun const RunFromHostProxyCallback& callback ... // It is possible that the PPBFlashMessageLoopImpl object has been // destroyed when the nested message loop exits. scopedrefpt...

Chrome the improper use of Flash message loop leads to the UXSS Vulnerability, CVE-2016-1631）

Author: Avfisher@network sharp knife 0x00 Preface This writing comes from a few days ago a buddy sent me a bug link to let the author help explain the vulnerability principle, in order to facilitate the partner understanding and left notes for future reference and then write this article. This...

Updated chromium-browser-stable packages fix security vulnerability

Chromium-browser-stable 49.0.2623.108 fixes security issues: Multiple security issues were found in upstream chromium 49.0.2623.87: an out-of-bounds read problem in V8 CVE-2016-1646, use-after-free bugs in Navigation CVE-2016-1647 and Extensions CVE-2016-1648; a buffer overflow in libANGLE...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0729-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for Chromium (important)

Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...

Important: Red Hat Security Advisory: chromium-browser security update

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

FreeBSD : chromium -- multiple vulnerabilities (f85fa236-e2a6-412e-b5c7-c42120892de5)

Google Chrome Releases reports : 560011 High CVE-2016-1630: Same-origin bypass in Blink. 569496 High CVE-2016-1631: Same-origin bypass in Pepper Plugin. 549986 High CVE-2016-1632: Bad cast in Extensions. 572537 High CVE-2016-1633: Use-after-free in Blink. 559292 High CVE-2016-1634: Use-after-free...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:0664-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for Chromium (important)

Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2016-1631

CVE-2016-1631 affects the Chrome Pepper Plugin API (PPB_Flash_MessageLoop_Impl::InternalRun) in Chrome prior to 49.0.2623.75. The issue arises from mishandling nested message loops, enabling a remote attacker to bypass the Same Origin Policy via a crafted web site. Affected remediation is upgradi...

[SECURITY] [DSA 3507-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3507-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 05, 2016 https://www.debian.org/security/faq -...