6983 matches found
RHEL 5 / 6 : flash-plugin (RHSA-2014:1173)
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
Critical: Red Hat Security Advisory: flash-plugin security update
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
flash-plugin: same origin policy bypass (APSB14-21)
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
CVE-2014-0548
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
CVE-2014-0548
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
Design/Logic Flaw
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
UBUNTU-CVE-2014-0548
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
CVE-2014-0548
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...
CVE-2014-0548
Summary (CVE-2014-0548) : Adobe Flash Player (and related AIR SDK packages) contains a vulnerability that could allow a remote bypass of the Same Origin Policy. The Mageia advisory MGASA-2014-0382 notes that Flash Player 11.2.202.406 fixes multiple security issues, including a bypass of the same-...
CVE-2014-3620
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...
UBUNTU-CVE-2014-3620
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...
Adobe Flash Player Same Origin Policy Bypass (APSB14-14; CVE-2014-0516)
A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Android Browser Same Origin Policy Bypass Vulnerability
A SOP bypass occurs when a sitea.com is some how able to access the properties of siteb.com such as cookies, location, response etc. Due to the nature of the issue and potential impact, this is very rarely found in modern browsers. However, they are found once in a while. Vulnerability: Android...
CVE-2014-6041
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...
Design/Logic Flaw
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...
CVE-2014-6041
CVE-2014-6041 is a UXSS/SOP bypass in Android’s stock browser (AOSP) prior to 4.4 and in WebView, enabling cross-site script execution via crafted input containing a null character. Affected: Android stock browser before 4.4 and apps using WebView. Impact: partial confidentiality and integrity th...
CVE-2014-6041
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...
Android Browser Same Origin Policy Bypass
Vulnerability: Android Browser Same Origin Policy Bypass Impact: High/Critical Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com http://rafayhackingarticles.net Introduction Same Origin Policy SOP is one of the most important security mechanisms that are applied in modern...
openSUSE Security Update : chromium (openSUSE-SU-2014:0982-1)
Chromium was updated to version 36.0.1985.125. New Functionality : - Rich Notifications Improvements - An Updated Incognito / Guest NTP design - The addition of a Browser crash recovery bubble - Chrome App Launcher for Linux - Lots of under the hood changes for stability and performance Security...
chromium: update to 36.0.1985.125 (important)
Chromium was updated to version 36.0.1985.125. New Functionality: Rich Notifications Improvements An Updated Incognito / Guest NTP design The addition of a Browser crash recovery bubble Chrome App Launcher for Linux Lots of under the hood changes for stability and performance Security Fixes...