Google Chrome multiple vulnerabilities - July 10

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjul10.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - July 10 Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Design/Logic Flaw

Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors...

CVE-2010-2646

CVE-2010-2646 affects Google Chrome up to version 5.0.375.99, where sandboxing of IFRAME elements was not properly isolated. This memory-corruption/remote-vector issue has high severity (CVSS 9.3) with unspecified impact described in the entry. The available connected documents indicate a vendor ...

Microsoft IE cross-domain IFRAME gadgets keystrokes steal Vulnerability

This host is installed with Internet Explorer and is prone to cross-domain iframe gadgets keystrokes steal vulnerability. OpenVAS Vulnerability Test $Id: secpodmsieiframeinfodiscvulnjune10.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft IE cross-domain IFRAME gadgets keystrokes steal...

Mozilla Products 'IFRAME' Denial Of Service vulnerability (Windows)

The host is installed with Mozilla Firefox/Seamonkey and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsiframedosvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products 'IFRAME' Denial Of Service vulnerability Windows Authors: Antu Sanadi...

Mozilla Products 'IFRAME' DoS Vulnerability - Windows

Mozilla Firefox/Seamonkey is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft IE cross-domain IFRAME gadgets keystrokes steal Vulnerability

Internet Explorer is prone to cross-domain iframe gadgets keystrokes steal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2010-2442

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

Cross site scripting

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."...

CVE-2010-2442

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."...

CVE-2010-2441

CVE-2010-2441 in WebKit: improper restrictions on focus changes enables reading keystrokes via cross-domain IFRAME gadgets. The issue is addressed by openSUSE/libwebkit updates to WebKit 1.2.7 (examples: openSUSE-SU-2011:0024/0458-1 patches for libwebkit) which list CVE-2010-2441 among fixed bugs...

CVE-2010-2442

CVE-2010-2442 concerns Microsoft Internet Explorer (noted as IE 8 or similar) where the browser does not properly restrict focus changes, enabling a remote attacker to read keystrokes through cross-domain IFRAME gadgets. The primary affected component is the browser’s handling of focus and cross-...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

CVE-2010-2441

Removed by vendor...

CVE-2010-1757

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document...

CVE-2010-1757

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document...

Design/Logic Flaw

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document...

CVE-2010-1407

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document...