[SECURITY] [DSA 2732-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2732-1 [email protected] http://www.debian.org/security/ Michael Gilbert July 31, 2013 http://www.debian.org/security/faq -...

Debian DSA-2732-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2881 Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling. - CVE-2013-2882 Cloudfuzzer discovered a type confusion issue in the V8 JavaScript library. - CVE-2013-2883 Cloudfuzzer...

Debian Security Advisory DSA 2732-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the Chromium web browser. CVE-2013-2881 Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling. CVE-2013-2882 Cloudfuzzer discovered a type confusion issue in the V8 javascript library. CVE-2013-2883 Cloudfuzzer...

[SECURITY] Fedora 17 Update: python-tw2-jquery-2.0.3-5.fc17

toscawidgets2 tw2 aims to be a practical and useful widgets framework that helps people build interactive websites with compelling features, fast er and easier. Widgets are re-usable web components that can include a templat e, server-side code and JavaScripts/CSS resources. The library aims to b...

YUI JavaScript library -- JavaScript injection exploits in Flash components

The YUI team reports: Vulnerability in YUI 2.4.0 through YUI 2.9.0 A XSS vulnerability has been discovered in some YUI 2 .swf files from versions 2.4.0 through 2.9.0. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files. If your site loa...

[SECURITY] Fedora 18 Update: guacamole-common-js-0.6.1-2.fc18

Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centraliz ed server acts as a tunnel and proxy, allowing access to multiple desktops thr ough a web browser. No plugins are needed: the client requires nothing...

Cloupia End-to-end FlexPod Management Directory Traversal

Exploit for jsp platform in category web applications Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides end-to-end FlexPod management and...

FreeBSD : YUI JavaScript library -- JavaScript injection exploits in Flash components (d560b346-08a2-11e0-bcca-0050568452ac)

The YUI team reports : A security-related defect was introduced in the YUI 2 Flash component infrastructure beginning with the YUI 2.4.0 release. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files. %NASLMINLEVEL 70300 C Tenable Network...

Multiple DOM-Based XSS in Dojo Toolkit SDK

=========================================================== Multiple DOM-Based XSS in Dojo Toolkit SDK Public Release Date: 3/12/2010 Adam Bixby - Gotham Digital Science [email protected] Affected Software: Dojo Toolkit SDK = Build 1.4.1 Browser used for testing: IE8 8.0.7600.16385 Severity:...

Dojo Toolkit SDK v1.4.1 Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ========================================================== Dojo Toolkit SDK v1.4.1 Cross Site Scripting Vulnerability ========================================================== ===========================================================...

Adobe Acrobat < 8.1.2 / 7.1.0 Multiple Vulnerabilities

The version of Adobe Acrobat installed on the remote host is earlier than 8.1.2 or 7.1.0. Such versions are reportedly affected by multiple vulnerabilities : - A design error vulnerability may allow an attacker to gain control of a user's printer. - Multiple stack-based buffer overflows may allow...