CVE-2015-1235

Removed by vendor...

CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

UBUNTU-CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

Google Chrome < 42.0.2311.90 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 42.0.2311.90. It is, therefore, affected by multiple vulnerabilities as referenced in the 201504stable-channel-update14 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attacke...

O3Read 0.0.3 HTML Parser Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12000/info o3read is prone to a buffer overflow vulnerability. This issue is exposed when the program parses HTML content during file format conversion. This issue is considered to be remote in nature since it is possible...

Alfresco Enterprise contains multiple cross-site scripting vulnerabilities

Overview Alfresco Enterprise 4.1.6 and possibly earlier versions are vulnerable to multiple cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' Alfresco Enterprise is vulnerable to a stored cross-site...

Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability - Windows

Apple Safari is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability - Mac OS X

Apple Safari is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)

This host is installed with Apple Safari and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafariwebcorewebkitxssvulnwin.nasl 6022 2017-04-25 12:51:04Z teissa $ Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability Windows Authors: Antu Sanadi...

Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Linux)

This host is installed with Google Chrome and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromewebcorewebkitxssvulnlin.nasl 5958 2017-04-17 09:02:19Z teissa $ Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability Linux Authors: Antu Sanadi...

WebKit跨站脚本保护绕过漏洞

CVE ID:CVE-2012-5851 WebKit是一款开放源代码的浏览器引擎。 Google Chrome 22及Safari 5.1.7使用的WebKit中WebCore html/parser/XSSAuditor.cpp没有考虑到所有可能的反射数据所输出的内容，允许攻击者通过特制的字符串比较容易的绕过跨站脚本保护机制。 0 Google Chrome 22使用的WebKit Apple Safari 5.1.7使用的WebKit 目前没有详细解决方案提供： http://www.webkit.org...

Mandrake Linux Security Advisory : netscape (MDKSA-2000:080)

A buffer overflow exists in the HTML parser code of the Netscape web browser in all versions prior to and including 4.75. This buffer overflow can be exploited by a remote attacker or web site. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Scientific Linux Security Update : kdelibs on SL4.x, SL5.x i386/x86_64

A flaw was found in the way the KDE CSS parser handled content for the CSS 'style' attribute. A remote attacker could create a specially crafted CSS equipped HTML page, which once visited by an unsuspecting user, could cause a denial of service Konqueror crash or, potentially, execute arbitrary...

Google Chrome Multiple Vulnerabilities (Windows) - June 11

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwinjun11.nasl 7019 2017-08-29 11:51:27Z teissa $ Google Chrome Multiple Vulnerabilities Windows - June 11 Authors: Madhuri D Copyright: Copyright c 2011...

Google Chrome Multiple Vulnerabilities (Linux) - June 11

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnlinjun11.nasl 7006 2017-08-25 11:51:20Z teissa $ Google Chrome Multiple Vulnerabilities Linux - June 11 Authors: Madhuri D Copyright: Copyright c 2011...

Google Chrome Multiple Vulnerabilities (Jun 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-2350

The HTML parser in Google Chrome before 12.0.742.112 does not properly address "lifetime and re-entrancy issues," which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2011-2350

The HTML parser in Google Chrome before 12.0.742.112 does not properly address "lifetime and re-entrancy issues," which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2011-2350

The HTML parser in Google Chrome before 12.0.742.112 does not properly address "lifetime and re-entrancy issues," which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2011-2350

CVE-2011-2350: Google Chrome's HTML parser is affected before version 12.0.742.112 due to lifetime and re-entrancy issues. This can allow a remote attacker to cause a denial of service or potentially other impact via unknown vectors. The description and linked references indicate a patch/update i...