6987 matches found
Internet Bug Bounty: Same Origin Security Bypass Vulnerability
This bug was reported directly to Adobe. http://helpx.adobe.com/security/products/flash-player/apsb14-08.html...
Flash Player for Mac <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08) (Mac OS X)
According to its version, the instance of Flash Player installed on the remote Mac OS X host is equal or prior to 11.7.700.269 / 11.8.x / 11.9.x / 12.0.0.70. It is, therefore, potentially affected by multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin...
MS KB2938527: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
The remote host is missing KB2938527. It is, therefore, affected by multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin policy. CVE-2014-0503 - A vulnerability exists that could be used to read the contents of the clipboard. CVE-2014-0504 C Tenable...
Flash Player <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08)
According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.269 / 11.8.x / 11.9.x / 12.0.0.70. It is, therefore, potentially affected multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin...
ASUS Router Multiple Vulnerabilities
The host is running ASUS Router and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodasusroutersmultvuln.nasl 6663 2017-07-11 09:58:05Z teissa $ ASUS Router Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright C 2014 SecPod, http://www.secpod.com This...
CVE-2013-6657
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...
CVE-2013-6657
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...
Design/Logic Flaw
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...
CVE-2013-6657
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...
CVE-2013-6657
CVE-2013-6657 affects Blink’s XSS auditor in Google Chrome prior to 33.0.1750.117. The description from multiple sources states that the XSS auditor’s handling of FORM elements within HTTP requests could insert the about:blank URL, enabling a bypass of the Same Origin Policy and allowing a leakag...
CVE-2013-6657
Removed by vendor...
CVE-2014-0266
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to...
Information disclosure
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to...
CVE-2014-0266
CVE-2014-0266 (MS14-005) affects Microsoft XML Core Services (MSXML) 3.0 used by Internet Explorer. The root cause is an information-disclosure vulnerability in the MSXML ActiveX controls that can be triggered when a user visits a specially crafted web page, allowing remote attackers to bypass th...
CentOS Update for thunderbird CESA-2014:0133 centos5
Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2014:0133 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
CentOS Update for firefox CESA-2014:0132 centos5
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2014:0132 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for firefox CESA-2014:0132 centos6
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2014:0132 centos6 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Updated Firefox & Thunderbird packages fix multiple security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
CVE-2014-1487
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages...
CVE-2014-1483
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint...