chromium -- multiple vulnerabilities

Google Chrome Releases reports: 48 security fixes in this release, including: 610600 High CVE-2016-1706: Sandbox escape in PPAPI. Credit to Pinkie Pie xisigr of Tencent's Xuanwu Lab 613949 High CVE-2016-1708: Use-after-free in Extensions. Credit to Adam Varsan 614934 High CVE-2016-1709:...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 52 to the stable channel for Windows, Mac and Linux. Chrome 52.0.2743.82 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

Paragon Initiative Enterprises: Content-type sniffing leads to stored XSS in CMS Airship on Internet Explorer

Description Internet Explorer has the nasty habit to perform Content-Type sniffing on delivered resources if the content-type is not known to it. Since the software isn't instructing Internet Explorer to disable content-type sniffing this leads to a stored XSS. In a nutshell, it is possible to...

WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)

Binary data 9387.prm...

The vulnerability of the Firefox browser, which allows a remote attacker to execute arbitrary JavaScript code

The vulnerability of the Firefox browser allows a malicious actor to bypass access control policies SOP and execute arbitrary JavaScript code with privileges equivalent to those of Chrome, by using frame relays...

The vulnerability of the Firefox ESR browser allows a malicious individual to gain access to authentication data.

The Mozilla Firefox ESR browser contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data throug...

The vulnerability of the Firefox browser, which allows a malicious individual to gain access to confidential information

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of the SVG filter. This vulnerability allows malicious actors to gain access to confidential information about displacement and correlations, as well as to circumvent domain restriction policies SOP. They...

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to gain access to authentication data

Mozilla SeaMonkey software contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data through err...

The vulnerability of the Firefox ESR browser allows a malicious individual to gain access to confidential information.

The Mozilla Firefox ESR browser contains a vulnerability related to errors in the implementation of the SVG filter. This vulnerability allows a malicious actor to gain access to confidential information about displacement and correlations, as well as to circumvent Domain Restrictions Policy SOP...

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to gain access to confidential information

Mozilla SeaMonkey’s software product contains a vulnerability related to errors in the implementation of the SVG filter. This vulnerability allows a malicious actor to gain access to confidential information about displacement and correlations, as well as to circumvent domain restriction policies...

The vulnerability of the Firefox browser, which allows a malicious individual to gain access to authentication data

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data through...

The vulnerability of the Firefox browser, which allows a malicious actor to bypass domain restriction rules

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of class functions. Exploiting this vulnerability allows malicious actors to circumvent Domain Restrictions Policy SOP rules and gain access to confidential information through the use of IFrame elements...

Mozilla Firefox < 47.0 Multiple Vulnerabilities

Binary data 9383.prm...

lib32-flashplugin: multiple issues

CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,...

FreeBSD : flash -- multiple vulnerabilities (0e3dfdde-35c4-11e6-8e82-002590263bf5)

Adobe reports : These updates resolve type confusion vulnerabilities that could lead to code execution CVE-2016-4144, CVE-2016-4149. These updates resolve use-after-free vulnerabilities that could lead to code execution CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147,...

Unspecified Same-Origin Policy Bypass Vulnerability in Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player

Adobe Flash Player is a multimedia player product; Adobe AIR SDK and Adobe AIR SDK & Compiler are both standard development kits for Adobe AIR.Microsoft Internet Explorer and Microsoft Edge are popular web browsers. An unspecified same-origin policy bypass vulnerability exists in Adobe Flash Play...

flashplugin: multiple issues

CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,...

Updated flash-player-plugin packages fix security vulnerabilities

Adobe Flash Player 11.2.202.626 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves type confusion vulnerabilities that could lead to code execution CVE-2016-4144,...

Adobe Flash Player <= 21.0.0.242 Multiple Vulnerabilities (APSB16-18)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 21.0.0.242. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to cause a denial of service condition ...

Adobe Flash Player for Mac <= 21.0.0.242 Multiple Vulnerabilities (APSB16-18)

The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 21.0.0.242. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to cause a denial of service condition...