EUVD-2009-1687

Malware in sbrugna...

EUVD-2014-1805

Malware in sbrugna...

WebKit HTMLSelectElement Use-After-Free Exploit

WebKit use-after-free in HTMLSelectElement There is a use-after-free in HTMLSelectElement. If the length of the HTMLSelectElement is set to a value greater than the existing options length then dummy HTMLOptionElements elements are created. These HTMLOptionsElements are stored as raw pointers in...

WebKit HTMLSelectElement Use-After-Free

WebKit use-after-free in HTMLSelectElement There is a use-after-free in HTMLSelectElement. If the length of the HTMLSelectElement is set to a value greater than the existing options length then dummy HTMLOptionElements elements are created. These HTMLOptionsElements are stored as raw pointers in...

Each rush of the weekend, all need to work together light getting tired of the twice cooked pork to enrich their inexplicable restlessness-vulnerability warning-the black bar safety net

Each rush of the weekend, all need to work together light getting tired of the twice cooked pork, to enrich yourself of the inexplicable restlessness that! Today, we'll take you to re-咂摸 a classic DOM UAF vulnerabilities is! To Re-analysis of a classic DOM UAF vulnerability case study: Firefox...

Apple WebKit - HTMLKeygenElement Type Confusion Exploit

Exploit for multiple platform in category dos / poc var range = document.caretRangeFromPoint50, 50; var shadowtreecontainer = range.commonAncestorContainer; shadowtreecontainer.prepend"foo"; keygenelement.disabled = true; 0day.today 2018-01-05...

CVE-2014-1731

core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibl...

CVE-2014-1731

CVE-2014-1731 affects Blink’s DOM implementation (HTMLSelectElement) in Google Chrome prior to 34.0.1847.131 on Windows/OS X and before 34.0.1847.132 on Linux. The vulnerability arises from insufficient renderer state checking during a focus event, enabling a remote attacker to trigger denial of ...

CVE-2014-1731

Removed by vendor...

UBUNTU-CVE-2014-1731

core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibl...

Google Chrome < 2.0.172.37 Buffer Overflow

Binary data 800904.prm...

CVE-2009-1692

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service memory consumption or device reset via a web page containing an HTMLSelectElement object with a large...

CVE-2009-1692

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service memory consumption or device reset via a web page containing an HTMLSelectElement object with a large...

CVE-2009-1692

Removed by vendor...

CVE-2009-1692

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service memory consumption or device reset via a web page containing an HTMLSelectElement object with a large...

CVE-2009-1692

CVE-2009-1692 affects WebKit (as used in Apple Safari, Mobile Safari on iPhone OS 1.0–2.2.x, iPod touch; and related WebKit-based apps). The issue is triggered by a large length attribute on an HTMLSelectElement, causing memory consumption or device reset (denial of service). Root cause: improper...

PT-2009-4174 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: WebKit versions before r41741 Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 Safari affected versions not specified Description: The issue allows remote attackers to cause a denial of...

Opera < 9.64 Multiple Vulnerabilities

Binary data 4945.prm...