16 matches found
EUVD-2012-5275
Malware in sbrugna...
EUVD-2014-0837
Malware in sbrugna...
CVE-2018-12716
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scanresults JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its...
CVE-2 0 1 6-1 7 7 9 technical analysis and the story behind it-vulnerability warning-the black bar safety net
The Geolocation API is used to obtain the user's host device's location, and it has a complete protection of user privacy mechanisms. But the CVE-2 0 1 6-1 7 7 6 this vulnerability to bypass the Geolocation authentication of the source of a security mechanism, and it is possible to cause the user...
firefox security update
31.3.0-4.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones 31.3.0-4 - Update to 31.3.0 ESR Build 2 - Fix for geolocation API rhbz1063739 31.2.0-5 - splice workaround rhbz1150082 31.2.0-4 - ppc build fix rhbz1151959...
Code injection
The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which allows remote attackers to obtain sensitive location information via a web site that makes API calls...
CVE-2014-0806
The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which allows remote attackers to obtain sensitive location information via a web site that makes API calls...
CVE-2014-0806
CVE-2014-0806 affects Sleipnir Mobile for Android (and Black Edition) up to version 2.12.1. The issue arises from improper handling of the Geolocation API, causing the user’s location data to be disclosed to websites that request it without user consent. The vulnerability can be exploited remotel...
Information disclosure vulnerability in Sleipnir Mobile for Android
Overview Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user's location. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may resul...
JVN#81637882: Information disclosure vulnerability in Sleipnir Mobile for Android
Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user's location. Impact When a website that a user is viewing requests the user's location information, Sleipnir...
Opera 16 Fixes Bugs, Improves HTML5 Performance
Norwegian software company Opera pushed out version 16 of its eponymous Internet browser this week, complete with what it’s calling “tons of bug fixes,” improved performance and a slew of new features and APIs. While the full changelog hasn’t been published yet, Ruarí Ødegaard, a member of Opera’...
CVE-2012-5354
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...
Design/Logic Flaw
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...
CVE-2012-5354
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...
CVE-2012-5354
CVE-2012-5354 is covered by details in connected advisories/plugins. The open-connected sources show that Mozilla Firefox before 16.0, Mozilla Thunderbird before 16.0, and SeaMonkey before 2.13 are vulnerable to a clickjacking-style issue when navigating away from a page that has an active set of...
CVE-2012-5354
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...