6 matches found
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3076-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3076-1 advisory. Atte Kettunen discovered an out-of-bounds read when handling certain Content Security Policy CSP directives in some circumstances. If a user...
Information disclosure
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation...
CVE-2014-1870
CVE-2014-1870 affects Opera on Mac OS X prior to version 19. The vulnerability allows a user‑assisted remote attacker to spoof the address bar through drag‑and‑drop related vectors. The public records consistently describe the issue as an address bar spoofing flaw in Opera before 19 on macOS, wit...
Cross site scripting
Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation...
Information disclosure
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different 1 domain or 2 zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability."...
CVE-2011-1258
CVE-2011-1258 affects Microsoft Internet Explorer 6–8. The vulnerability arises from improper restriction of web scripting, enabling a user‑assisted attacker to disclose sensitive information from a different domain/zone via drag‑and‑drop. Impact is partial confidentiality loss. Remediation: appl...