6926 matches found
Apple Safari WebKit bypasses same-origin policy vulnerability (CNVD-2015-02944)
WebKit is the open source web browser engine currently used by Safari, Chrome and other browsers. Apple Safari before 6.2.6, 7.1.6 before 7.x,8.0.6 before 8.x versions using WebKit's page-loading implementation suffers from a bypassing the same-origin policy vulnerability that stems from its...
CVE-2015-1155
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...
CVE-2015-1155
CVE-2015-1155 - WebKit history implementation flaw allows remote attackers to bypass Same Origin Policy and read arbitrary files via a crafted site. Affected: WebKit used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6. Remediation: apply the vendor patches that fix the histo...
CVE-2015-1155
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...
UBUNTU-CVE-2015-1155
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...
Mozilla Firefox < 37.0 Multiple Vulnerabilities
Binary data 8742.prm...
Debian DSA-3238-1 : chromium-browser - security update
Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. - CVE-2015-1237 Khalil Zhani discovered a use-after-fr...
Ubuntu: Security Advisory (USN-2570-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2570-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2570-1 advisory. An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially...
USN-2570-1: Oxide vulnerabilities
An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...
USN-2570-1 oxide-qt vulnerabilities
An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...
[SECURITY] [DSA 3238-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3238-1 (chromium-browser - security update)
Several vulnerabilities were discovered in the chromium web browser. CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. CVE-2015-1237 Khalil Zhani discovered a use-after-free iss...
DSA-3238-1 chromium-browser - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3238-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress 3.9-4.1.1 - Same-Origin Method Execution
...
Google Chrome Same Origin Policy Bypass Vulnerability (CNVD-2015-02620)
Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the 'ContainerNode::parserRemoveChild' function in the core/dom/ContainerNode.cpp file in the Blink's HTML parser used in Google Chrome versions prior to 42.0.2311.90. ' function in the...
Google Chrome Blink Same Origin Policy Bypass Vulnerability
Google Chrome is a web browsing tool developed by Google. The Web Audio API implementation of Blink used in Google Chrome versions prior to 42.0.2311.90 has a security vulnerability in the modules/webaudio/MediaElementAudioSourceNode.cpp file in the ' MediaElementAudioSourceNode::process' functio...
Privacy killer: the Flash permissions reflection-vulnerability warning-the black bar safety net
0x00 Preface Always thought the risk has long been valued, but recently accidentally found, there are still many sites the presence of the defects, which are some of the commonly used email, social networking sites, so it is necessary then to explore it again. In fact, this is not what...
CVE-2015-1236
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...