17 matches found
Mageia: Security Advisory (MGASA-2016-0183)
The remote host is missing an update for the...
Chrome Universal XSS through adopting image elements (CVE-2016-1667)
VULNERABILITY DETAILS When a node is being adopted, the tree scope adopter calls |didMoveToNewDocument| on each rescoped node in the tree. The implementation of |didMoveToNewDocument| (by the same reasoning, iframe and js follow a similar handling flow) calls the corresponding method on the related loader, which clears and stops observing...
openSUSE Security Update : Chromium (openSUSE-2016-756)
Chromium was updated to 51.0.2704.103 to fix three vulnerabilities : - CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives shared identifier boo985397 Includes vulnerability fixes from 50.0.2661.102 boo979859 : - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-166...
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1655-1)
The remote host is missing an update for the...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.103 to fix three vulnerabilities: - CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives shared identifier boo985397 Includes vulnerability fixes from 50.0.2661.102 boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668:...
Google Chrome < 50.0.2661.102 Multiple Vulnerabilities
[SECURITY] [DSA 3590-1] chromium-browser security update
Debian Security Advisory DSA-3590-1 https://www.debian.org/security/ Michael Gilbert June 01, 2016 https://www.debian.org/security/faq...
FreeBSD : chromium -- multiple vulnerabilities (4dfafa16-24ba-11e6-bd31-3065ec8fd3ec)
Google Chrome Releases reports : 5 security fixes in this release, including : - 605766 High CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski. - 605910 High CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski. - 606115 High CVE-2016-1669: Buffer...
USN-2960-1: Oxide vulnerabilities
An out of bounds write was discovered in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. CVE-2016-1660 It was discovered that Blink assumes that a frame...
openSUSE Security Update : Chromium (openSUSE-2016-584)
Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859 : - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...
CVE-2016-1667
CVE-2016-1667 describes a cross-origin bypass in the DOM implementation of Blink/WebKit used by Google Chrome before 50.0.2661.102. The vulnerability stems from the TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp, which failed to prevent script execution during node adop...
CVE-2016-1667
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
CVE-2016-1667
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...
CVE-2016-1667
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 5 security fixes in this release, including: 605766 High CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski. 605910 High CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski. 606115 High CVE-2016-1669: Buffer overflow i...