27 matches found
EUVD-2014-1821
Malware in sbrugna...
EUVD-2016-2806
Malware in sbrugna...
CVE-2011-2353
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function...
Design/Logic Flaw
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function...
CVE-2011-2353
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function...
CVE-2011-2353
Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function...
chrome: UXSS in DocumentLoader::createWriterFor
Details: thirdparty/WebKit/Source/core/loader/DocumentLoader.cpp:735: cpp PassRefPtrWillBeRawPtr DocumentLoader::createWriterForconst Document ownerDocument, const DocumentInit& init, const AtomicString& mimeType, const AtomicString& encoding, bool dispatch, ParserSynchronizationPolicy...
WebKit: use-after-free in WebCore::DocumentLoader::frameLoader(CVE-2017-13794)
There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. ASan log: ================================================================= ==689==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110000889c8 at pc 0x000114c94a...
WebKit WebCore::DocumentLoader::frameLoader Use-After-Free
WebKit: use-after-free in WebCore::DocumentLoader::frameLoader CVE-2017-13794 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ================================================================= function go iframe.name...
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function go iframe.name = "foo"; var form = document.createElement"form"; iframe.src = "data:text/html,foo"; form.submit; window.onbeforeunload = f; function f document.head.appendChilddel; ::get...
WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free
function go iframe.name = "foo"; var form = document.createElement"form"; iframe.src = "data:text/html,foo"; form.submit; window.onbeforeunload = f; function f document.head.appendChilddel; ::get /Users/projectzero/webkit/webkit/WebKitBuild/Release/WebCore.framework/Versions/A/WebCore:x8664+0x45a...
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free function go iframe.name = "foo"; var form = document.createElement"form"; iframe.src = "data:text/html,foo"; form.submit; window.onbeforeunload = f; function f document.head.appendChilddel; ::get...
Chrome Universal XSS via the unload_event module (CVE-2015-6769)
VULNERABILITY DETAILS From /WebKit/Source/core/loader/DocumentLoader.cpp: PassRefPtrWillBeRawPtr DocumentLoader::createWriterForconst Document ownerDocument, const DocumentInit& init, ... LocalFrame frame = init.frame; ASSERT!frame-document || !frame-document-isActive; ASSERTframe-tree.childCount...
The vulnerability in the Google Chrome browser allows an attacker to bypass existing access-restriction policies.
The vulnerability in the WebKit/Source/core/loader/FrameLoader.cpp file of the Google Chrome browser’s Blink component is related to the continued operation of the frame navigation mechanism during the disconnection of the DocumentLoader object. Exploiting this vulnerability could allow a malicio...
Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-3041-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3041-1 advisory. Multiple security issues were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could...
Design/Logic Flaw
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...
CVE-2016-1711
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...
The vulnerability in the Google Chrome browser allows an attacker to inject arbitrary web script or HTML code.
The Google Chrome browser contains a cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp of Blink. Exploiting this vulnerability allows malicious actors to inject arbitrary web script or HTML code, using specially crafte...
CVE-2016-1697
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScrip...
CVE-2016-1697
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScrip...