Google Chrome < 52.0.2743.82 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 52.0.2743.82. It is, therefore, affected by multiple vulnerabilities as referenced in the 201607stable-channel-update advisory. - The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origi...

Google Chrome < 52.0.2743.82 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 52.0.2743.82. It is, therefore, affected by multiple vulnerabilities as referenced in the 201607stable-channel-update advisory. - The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin ...

Multiple Apple products WebKit homology policy bypass vulnerability (CNVD-2016-05666)

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; and tvOS is an operating system for smart TVs. webKit is an open source web...

Google Chrome V8 Same Origin Policy Bypass Vulnerability (CNVD-2016-05641)

Google Chrome is a web browsing tool developed by Google. Google Chrome version 52.0.2743.82, prior to V8 5.2.361.27objects.cc does not prevent the API interceptor from modifying the storage target without setting an attribute A security vulnerability exists in which a remote attacker can bypass...

Multiple Apple Products WebKit Homologation Policy Bypass Vulnerability

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; and tvOS is an operating system for smart TVs. webKit is an open source web...

Google Chrome SOP Protection Mechanism Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. A protection mechanism bypass vulnerability exists in Service Workers in versions prior to Google Chrome 52.0.2743.82. A remote attacker can exploit this vulnerability to bypass the same-origin policy...

Google Chrome Blink Same-Origin Policy Bypass Vulnerability (CNVD-2016-05588)

Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. A same-origin policy bypass vulnerability exists in the WebKit/Source/core/loader/FrameLoader.cpp file in Blink used in versions prior to Google...

chromium-browser: limited same-origin bypass in service workers

The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME...

chromium-browser: same-origin bypass in v8

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

chromium-browser: same-origin bypass in blink

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

chromium-browser: same-origin bypass in blink

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

openSUSE Security Update : Chromium (openSUSE-2016-900)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901 : - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

RHEL 6 : chromium-browser (RHSA-2016:1485)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2016:1485 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 52.0.2743.82. Security Fixes:...

openSUSE Security Update : Chromium (openSUSE-2016-901)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901 : - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

[SECURITY] [DLA 558-1] squid security update

Package : squid Version : 2.7.STABLE9-4.1+deb7u2 CVE ID : CVE-2016-4554 A security issue has been discovered in the Squid chaching proxy, on its 2.7.STABLE9 version branch. CVE-2016-4554 Jianjun Chen found that Squid was vulnerable to a header smuggling attack that could lead to cache poisoning a...

Security update for Chromium (important)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

Security update for Chromium (important)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

Security update for Chromium (important)

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

OPENSUSE-SU-2016:1869-1 Security update for Chromium

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...

OPENSUSE-SU-2016:1868-1 Security update for Chromium

Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...