6987 matches found
CVE-2014-1501
Mozilla Firefox for Android is affected (before 28.0). The issue allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via the Open Link in New Tab action, enabling local file access from web content. The root cause is a Same Origin Policy bypass in the Android ...
CVE-2014-1502
CVE-2014-1502 affects Mozilla Firefox (pre-28.0) and SeaMonkey (pre-2.25). The vulnerability arises in WebGL functions WebGL.compressedTexImage2D and WebGL.compressedTexSubImage2D, enabling remote attackers to bypass Same Origin Policy and render content from a different domain via unspecified ve...
CVE-2014-1502
The 1 WebGL.compressedTexImage2D and 2 WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors...
CVE-2014-1505
CVE-2014-1505 affects Mozilla Firefox (and related Mozilla components) where SVG filter operations in feDisplacementMap could leak displacement-correlation data and potentially bypass Same Origin Policy via a timing attack, enabling partial information disclosure from a different domain. Affected...
Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...
Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...
CVE-2014-1508
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...
CVE-2014-1505
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...
CVE-2014-1502
The 1 WebGL.compressedTexImage2D and 2 WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors...
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9012)
Adobe Flash Player was updated to version 11.2.202.346 to fix security issues : - A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0503 - A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be found on:...
flash-player to 11.2.202.346 (important)
Adobe Flash Player was updated to version 11.2.202.346 to fix security issues: CVE-2014-0503: A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0504: A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be...
RHEL 5 / 6 : flash-plugin (RHSA-2014:0289)
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
flash-plugin: same origin policy bypass (APSB14-08)
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
Moderate: Red Hat Security Advisory: flash-plugin security update
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.346 contains fixes to important vulnerabilities found in earlier versions that could allow a remote attacker to bypass security restrictions or to access sensitive information. This update resolves a vulnerability that could be used to bypass the same origin policy...
CVE-2014-0503
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
CVE-2014-0503
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
Design/Logic Flaw
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
CVE-2014-0503
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
CVE-2014-0503
CVE-2014-0503 affects Adobe Flash Player; versions prior to 11.7.700.272 (and 11.8.x through 12.0.x before 12.0.0.77) on Windows/macOS and pre-11.2.202.346 on Linux are vulnerable to bypassing the Same Origin Policy via unspecified vectors. Affected users should upgrade to Flash Player 11.2.202.3...