66 matches found
EUVD-2017-14576
Malware in sbrugna...
EUVD-2016-6092
Malware in sbrugna...
SUSE CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
WebKit WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy Heap Use-After-Free
WebKit: heap-use-after-free in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy VULNERABILITY DETAILS PolicyChecker.cpp: define ISALLOWED mframe.page ? mframe.page-sessionID.isAlwaysOnLoggingAllowed : false define PAGEID mframe.loader.pageID.valueOrPageIdentifier.toUInt64 define FRAMEID...
WebKit WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy Heap Use-After-Free Vulnerability
WebKit: heap-use-after-free in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy VULNERABILITY DETAILS PolicyChecker.cpp: define ISALLOWED mframe.page ? mframe.page-sessionID.isAlwaysOnLoggingAllowed : false define PAGEID mframe.loader.pageID.valueOrPageIdentifier.toUInt64 define FRAMEID...
CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
WebKit FrameLoader::clear Same-Origin Policy Bypass
WebKit: Same-Origin Policy bypass in FrameLoader::clear VULNERABILITY DETAILS void FrameLoader::clearDocument newDocument, bool clearWindowProperties, bool clearScriptObjects, bool clearFrameView mframe.editor.clear; if !mneedsClear return; // 1 mneedsClear = false; if...
WebKit - Universal XSS Using Cached Pages
WebKit - Universal XSS Using Cached Pages VULNERABILITY DETAILS void FrameLoader::detachChildren ... SubframeLoadingDisabler subframeLoadingDisablermframe.document; // 1 Vector, 16 childrenToDetach; childrenToDetach.reserveInitialCapacitymframe.tree.childCount; for Frame child =...
WebKit - Universal XSS Using Cached Pages Exploit
VULNERABILITY DETAILS void FrameLoader::detachChildren ... SubframeLoadingDisabler subframeLoadingDisablermframe.document; // 1 Vector, 16 childrenToDetach; childrenToDetach.reserveInitialCapacitymframe.tree.childCount; for Frame child = mframe.tree.lastChild; child; child =...
WebKit - Universal XSS Using Cached Pages
VULNERABILITY DETAILS void FrameLoader::detachChildren ... SubframeLoadingDisabler subframeLoadingDisablermframe.document; // 1 Vector, 16 childrenToDetach; childrenToDetach.reserveInitialCapacitymframe.tree.childCount; for Frame child = mframe.tree.lastChild; child; child =...
Denial Of Service (DoS)
Mozilla Firefox is vulnerable to use-after-free vulnerability. This is possible with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. An attacker may exploit this issue to crash the affected application,...
Apple Safari FrameLoader Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
DEBIAN-CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
Design/Logic Flaw
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2017-5472
CVE-2017-5472 is a use-after-free in Mozilla's frameloader during CSS layout regeneration, leading to potential crash. Concrete details in connected docs show impact on Firefox versions <54, Firefox ESR <52.2, and Thunderbird
CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
WebKit: use-after-free in WebCore::DocumentLoader::frameLoader(CVE-2017-13794)
There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. ASan log: ================================================================= ==689==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110000889c8 at pc 0x000114c94a...
WebKit WebCore::DocumentLoader::frameLoader Use-After-Free
WebKit: use-after-free in WebCore::DocumentLoader::frameLoader CVE-2017-13794 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ================================================================= function go iframe.name...