12 matches found
EUVD-2015-6727
Malware in sbrugna...
SUSE CVE-2015-6790
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as...
USN-2860-1 oxide-qt vulnerabilities
A race condition was discovered in the MutationObserver implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the...
CVE-2015-6790
Removed by vendor...
UBUNTU-CVE-2015-6790
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as...
Google Chrome HTML Injection Vulnerability
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the page serializer of Google Chrome versions prior to 47.0.2526.73, which stems from the program's failure to properly handle Mark of the Web MOTW annotations for URLs containing th...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web MOTW comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
Design/Logic Flaw
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web MOTW comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
CVE-2015-6784
Removed by vendor...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web MOTW comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
UBUNTU-CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web MOTW comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web MOTW comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...