19 matches found
EUVD-2009-3903
Malware in sbrugna...
EUVD-2008-6479
Malware in sbrugna...
CVE-2009-3932
The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service memory corruption and plugin crash or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a bad state."...
CVE-2014-3674
Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors...
ria_enumerator
This plugin searches for various Rich Internet Application files. It currently searches for: Google gears manifests These files are used to determine which files are locally cached by google gears. They do not get cleared when the browser cache is cleared and may contain sensitive information. Fl...
Google Chrome Multiple Vulnerabilities - Nov09
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnnov09.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome Multiple Vulnerabilities - Nov09 Authors: Sharath S Copyright: Copyright c 2009 SecPod,...
CVE-2009-3932
The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service memory corruption and plugin crash or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a bad state."...
Memory corruption
The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service memory corruption and plugin crash or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a bad state."...
CVE-2009-3932
CVE-2009-3932 affects Google Chrome’s Gears plugin prior to version 3.0.195.32. The vulnerability allows user‑assisted remote attackers to cause memory corruption and a plugin crash, with the potential for arbitrary code execution via the Gears SQL API, linked to putting SQL metadata into a bad s...
CVE-2009-3932
The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service memory corruption and plugin crash or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a bad state."...
CVE-2009-3932
Removed by vendor...
Google Updates Chrome with Stability Fixes to Browser
Google has released a new version of Chrome, 3.0.195.32, with a security update that addresses a high risk vulnerability in its WebKit-based browser. In addition to a number of stability fixes, the stable channel update fixes a bug that could lead to possible memory corruption in the Gears plug-i...
Google Chrome < 3.0.195.32 RCE
Binary data 5225.pasl...
Google Chrome < 3.0.195.32 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 3.0.195.32. Such versions are reportedly affected by multiple issues : - The user is not warned about certain dangerous file types such as 'SVG', 'MHT', and 'XML'. In some browsers, JavaScript can execute within these types...
Google Gears WorkerPool API绕过同源策略漏洞
BUGTRAQ ID: 32698 CVECAN ID: CVE-2008-6512 Google Gears是一个开源浏览器扩展,允许开发者开发离线网络程序。 Google Gears的WorkerPool API中存在跨域安全漏洞。如果攻击者在目标域上放置了包含有Google Gear命令的文件类型,然后从攻击域访问该文件,由于没有检查攻击域的响应头,因此可能绕过allowCrossOrigin函数的访问限制在目标域中运行worker代码。 Google Gears 0.5.4.2 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下...
CVE-2008-6512
Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attackers to bypass the Same Origin Policy and the intended access restrictions of the allowCrossOrigin function by hosting an assumed-safe file type containing Google Gear commands on the target domain,...
Cross site scripting
Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attackers to bypass the Same Origin Policy and the intended access restrictions of the allowCrossOrigin function by hosting an assumed-safe file type containing Google Gear commands on the target domain,...
CVE-2008-6512
Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attackers to bypass the Same Origin Policy and the intended access restrictions of the allowCrossOrigin function by hosting an assumed-safe file type containing Google Gear commands on the target domain,...
CVE-2008-6512
The CVE concerns Google Gears' WorkerPool API, where