Firefox ESR 45.x < 45.3 Multiple Vulnerabilities (Mac OS X)

The version of Firefox ESR installed on the remote Mac OS X host is 45.x prior to 45.3. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to a failure to close connections after requesting favicons. An attacker can exploit this to contin...

Firefox ESR 45.x < 45.3 Multiple Vulnerabilities

The version of Firefox ESR installed on the remote Windows host is 45.x prior to 45.3. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to a failure to close connections after requesting favicons. An attacker can exploit this to continu...

[SECURITY] [DLA 585-1] firefox-esr security update

Package : firefox-esr Version : 45.3.0esr-1deb7u1 CVE ID : CVE-2016-2830 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-5252 CVE-2016-5254 CVE-2016-5258 CVE-2016-5259 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 Multiple security issues have been found in the Mozilla Firefox web...

CVE-2016-5145

Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...

Debian Security Advisory DSA 3637-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1706 Pinkie Pie...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:1918-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 3640-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3640-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 03, 2016 https://www.debian.org/security/faq -...

Updated chromium-browser-stable packages fix security vulnerability

Multiple unspecified vulnerabilities in chromium before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1705 The PPAPI implementation in Chromium before 52.0.2743.82 does not validate the origin of IPC messages to the plugin...

Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS UXSS attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same loca...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 10 security fixes in this release, including: 629542 High CVE-2016-5141 Address bar spoofing. Credit to anonymous 626948 High CVE-2016-5142 Use-after-free in Blink. Credit to anonymous 625541 High CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan Go of Stealie...

Debian Security Advisory DSA 3640-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code, cross-site scriping, information disclosure and bypass of the same-origin policy. OpenVAS...

CVE-2016-5265

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS UXSS attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same loca...

UBUNTU-CVE-2016-5265

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS UXSS attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same loca...

DSA-3640-1 firefox-esr - security update

Bulletin has no description...

Stable Channel Update for Desktop

The stable channel has been updated to 52.0.2743.116 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...

Firefox local file disclosure and same-origin policy bypass-vulnerability warning-the black bar safety net

Security research experts found that an attacker can use the Firefox browser offers“page Save as”function to read the target user's computer stored in any file. In addition, the attacker can also use this mechanism to get external web server in the data content. This kind of thing occurs, is...

Debian DSA-3637-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. - CVE-2016-1706 Pinki...

openSUSE Security Update : Chromium (openSUSE-2016-919)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901 : - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

[SECURITY] [DSA 3637-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3637-1 [email protected] https://www.debian.org/security/ Michael Gilbert July 31, 2016 https://www.debian.org/security/faq -...

Security update for Chromium (important)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...