EUVD-2015-6692

Malware in sbrugna...

USN-2770-1: Oxide vulnerabilities

It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. CVE-2015-67...

CVE-2015-6755

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...

Code injection

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...

CVE-2015-6755

CVE-2015-6755 affects Blink (ContainerNode::parserInsertBefore in core/dom/ContainerNode.cpp) used by Google Chrome prior to 46.0.2490.71. The issue allows bypassing the Same Origin Policy via crafted JavaScript that triggers a DOM tree insertion even when a parent node no longer contains a child...

CVE-2015-6755

Removed by vendor...

CVE-2015-6755

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...