6905 matches found
Google Blink DOM Homology Policy Bypass Vulnerability
Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. A security vulnerability exists in the DOM implementation of Blink used in versions of Google Chrome prior to 47.0.2526.73, which stems from the...
Google Chrome DOM Homology Policy Bypass Vulnerability (CNVD-2015-07958)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the DOM implementation of Google Chrome versions prior to 47.0.2526.73. A remote attacker can exploit the vulnerability to bypass the same-origin policy...
Google Chrome DOM Homology Policy Bypass Vulnerability
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the DOM implementation of Google Chrome versions prior to 47.0.2526.73. A remote attacker can exploit the vulnerability to bypass the same-origin policy...
Debian: Security Advisory (DSA-3415-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 47.0.2526.73 Multiple Vulnerabilities
Binary data 9020.pasl...
Mozilla Firefox < 42.0 Multiple Vulnerabilities
Binary data 9018.prm...
CVE-2015-6772
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin...
CVE-2015-6770
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768...
CVE-2015-6769
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing...
CVE-2015-6768
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770...
Design/Logic Flaw
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin...
Design/Logic Flaw
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770...
Design/Logic Flaw
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768...
Design/Logic Flaw
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing...
CVE-2015-6769
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing...
CVE-2015-6772
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin...
CVE-2015-6769
CVE-2015-6769 affects Google Chrome/Chromium before 47.0.2526.73. The issue is a Same Origin Policy bypass in the core by exploiting a delay in window proxy clearing in WebKit’s WindowProxy.cpp, as reported in multiple sources (including Debian’s DSA-3415-1 and Chrome’s 47 stable release). Impact...
CVE-2015-6768
The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770...
CVE-2015-6770
CVE-2015-6770 affects Google Chrome
CVE-2015-6768
CVE-2015-6768 affects Google Chrome/Chromium prior to 47.0.2526.73. The issue allows a remote attacker to bypass the Same Origin Policy via unspecified vectors (a separate vulnerability from CVE-2015-6770). Public references note this as a cross-origin bypass in the DOM/SOP handling within Chrome...