10276 matches found
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
USN-2607-1: Module::Signature vulnerabilities
John Lightsey discovered that Module::Signature incorrectly handled PGP signature boundaries. A remote attacker could use this issue to trick Module::Signature into parsing the unsigned portion of the SIGNATURE file as the signed portion. (CVE-2015-3406) John Lightsey discovered that...
Battle of Wesnoth directory traversal
Directory traversal on maps loading...
Design/Logic Flaw
The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, vi...
CVE-2015-1156
CVE-2015-1156 affects WebKit as used by Apple Safari: the page-loading implementation does not correctly handle the rel attribute in an A element, allowing a crafted site to bypass the Same Origin Policy for a link’s target and spoof the user interface. Affected Safari/WebKit versions include bef...
[ MDVSA-2015:207 ] perl-Module-Signature
Mandriva Linux Security Advisory MDVSA-2015:207 (http://www.mandriva.com/en/support/security/). Package: perl-Module-Signature. Date: April 27, 2015. Affected: Business Server 1.0. Problem Description: Updated perl-Module-Signature package fixes the...
HackerOne: Making any Report Failed to load
Hello, I found a way to make any report fail to load using this code with a hex character: www.%40ebаy.com. I was testing for a homographic issue using hex characters, and I listed all of the hex characters and tried to bypass. Then, when I pasted the list and commented it in a report, I experienced report...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
Privacy killer: the Flash permissions reflection - vulnerability warning - the black bar safety net
0x00 Preface: I had always thought this risk had long been taken seriously, but I recently found by accident that many sites still have this defect, including some commonly used email and social networking sites, so it is necessary to explore it again. In fact, this is not what...
Fedora 20 : perl-Module-Signature-0.78-1.fc20 / perl-Test-Signature-1.11-1.fc20 (2015-5840)
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a 'skip' parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior ...
MGASA-2015-0160 Updated perl-Module-Signature packages fix security vulnerabilities
Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:0808)
The remote Red Hat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0808 advisory. - jar: directory traversal vulnerability CVE-2005-1080 - OpenJDK: incorrect handling of phantom references Hotspot, 8071931...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
CVE-2011-2461 principle analysis and case studies - vulnerability and early warning - the black bar safety net
0x00 Vulnerability background: As the CVE number shows, this vulnerability has been around for some years [1]. The vulnerability is in the Flex SDK rather than in Flash Player, so for developers, as long as they used a defective Flex SDK to compile Flash files, then ...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2015-44 Certificate verification bypass through the HTTP/2 Alt-Svc header; MFSA 2015-43 Loading privileged content through Reader mode...