11 matches found
EUVD-2014-7779
Malware in sbrugna...
EUVD-2015-1359
Malware in sbrugna...
GHSA-Q43X-79JR-CQ98 tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript
A vulnerability was identified in tarteaucitron.js where document.currentScript was accessed without verifying that it referenced an actual element. If an attacker injected an HTML element such as: it could clobber the document.currentScript property. This causes the script to resolve incorrectly...
CVE-2015-1218
Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents,...
chromium-browser: use-after-free in DOM
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact...
Google Chrome DOM memory misreference vulnerability (CNVD-2015-00666)
Google Chrome is a popular WEB browser. A memory misreference vulnerability in the HTMLScriptElement::didMoveToNewDocument function in the Google Chrome DOM implementation core/html/HTMLScriptElement.cpp allows an attacker to construct a malicious WEB page and trick the user into parsing it, whic...
CVE-2014-7929
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2014-7929
Removed by vendor...
CVE-2014-7929
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2014-7929
Chrome Blink use-after-free in DOM HTMLScriptElement::didMoveToNewDocument (CVE-2014-7929). Affects Google Chrome before 40.0.2214.91; vulnerability occurs when moving a SCRIPT element across documents, enabling remote DoS or unspecified impact. Mitigation: update to Chrome 40.0.2214.91 or newer ...
CVE-2014-7929
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact...