8386 matches found

CNVD
added 2016/03/08 12:0 a.m. | 2 views

Google Chrome Pepper plugin same-origin policy bypass vulnerability

Google Chrome is a web browser developed by Google, and Pepper is a player plug-in for playing Flash videos. Versions of the Pepper plugin prior to Google Chrome 49.0.2623.75 have the file content/renderer/pepper/ppbflashmessageloopimpl.cc in the file 'PPBFlashMessageLoop A security vulnerability...

CVSS 8.8 | AI score 8.9 | EPSS 0.01334
Exploits: 2 | References: 1

UbuntuCve
added 2016/03/08 12:0 a.m. | 29 views

CVE-2016-1967

Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls aft...

CVSS 6.5 | AI score 7 | EPSS 0.02248
Exploits: 0 | References: 3

Mozilla
added 2016/03/08 12:0 a.m. | 41 views

Same-origin policy violation using performance.getEntries and history navigation with session restore — Mozilla

Security researcher Jordi Chancel discovered a variant of Mozilla Foundation Security Advisory 2015-136 which was fixed in Firefox 43. In the original bug, it was possible to read cross-origin URLs following a redirect if performance.getEntries was used along with an iframe to host a page...

CVSS 6.5 | AI score 7.8 | EPSS 0.02248
Exploits: 0 | References: 3 | Affected Software: 2

RedHat Linux
added 2016/03/07 3:22 a.m. | 6 views

chromium-browser: same-origin bypass in Pepper Plugin

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.4 | EPSS 0.01334
Exploits: 2 | References: 5

RedHat Linux
added 2016/03/07 3:22 a.m. | 4 views

chromium-browser: same-origin bypass in Blink

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.4 | EPSS 0.01068
Exploits: 1 | References: 5

Tenable Nessus
added 2016/03/07 12:0 a.m. | 36 views

FreeBSD : chromium -- multiple vulnerabilities (f85fa236-e2a6-412e-b5c7-c42120892de5)

Google Chrome Releases reports : 560011 High CVE-2016-1630: Same-origin bypass in Blink. 569496 High CVE-2016-1631: Same-origin bypass in Pepper Plugin. 549986 High CVE-2016-1632: Bad cast in Extensions. 572537 High CVE-2016-1633: Use-after-free in Blink. 559292 High CVE-2016-1634: Use-after-free...

CVSS 10 | AI score 7 | EPSS 0.02451
Exploits: 3 | References: 15

Tenable Nessus
added 2016/03/07 12:0 a.m. | 31 views

Debian DSA-3507-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. - CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. - CVE-2016-1631 Mariusz...

CVSS 10 | AI score 7.3 | EPSS 0.10339
Exploits: 3 | References: 30

OSV
added 2016/03/06 2:59 a.m. | 2 views

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.3
Exploits: 0 | References: 12

NVD
added 2016/03/06 2:59 a.m. | 20 views

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 8.6 | EPSS 0.01334
Exploits: 2 | References: 12

OSV
added 2016/03/06 2:59 a.m. | 2 views

CVE-2016-1630

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 7.3 | EPSS 0.01068
Exploits: 1 | References: 12

Prion
added 2016/03/06 2:59 a.m. | 26 views

Design/Logic Flaw

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 6.8 | AI score 6.5 | EPSS 0.01334
Exploits: 2 | References: 12 | Affected Software: 1

Prion
added 2016/03/06 2:59 a.m. | 20 views

Design/Logic Flaw

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 6.8 | AI score 6.4 | EPSS 0.01068
Exploits: 1 | References: 12 | Affected Software: 1

NVD
added 2016/03/06 2:59 a.m. | 18 views

CVE-2016-1630

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 8.6 | EPSS 0.01068
Exploits: 1 | References: 12

Cvelist
added 2016/03/06 2:0 a.m. | 26 views

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

AI score 8.7 | EPSS 0.01334
Exploits: 2 | References: 12

CVE
added 2016/03/06 2:0 a.m. | 88 views

CVE-2016-1630

The CVE-2016-1630 issue affects Blink/WebKit’s ContainerNode::parserRemoveChild in WebKit/Source/core/dom/ContainerNode.cpp, used by Google Chrome prior to 49.0.2623.75. The vulnerability mishandles widget updates, enabling a remote attacker to bypass the Same Origin Policy via a crafted web site...

CVSS 8.8 | AI score 8.4 | EPSS 0.01068
Exploits: 1 | References: 12 | Affected Software: 1

Cvelist
added 2016/03/06 2:0 a.m. | 23 views

CVE-2016-1630

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

AI score 8.6 | EPSS 0.01068
Exploits: 1 | References: 12

CVE
added 2016/03/06 2:0 a.m. | 88 views

CVE-2016-1631

CVE-2016-1631 affects the Chrome Pepper Plugin API (PPB_Flash_MessageLoop_Impl::InternalRun) in Chrome prior to 49.0.2623.75. The issue arises from mishandling nested message loops, enabling a remote attacker to bypass the Same Origin Policy via a crafted web site. Affected remediation is upgradi...

CVSS 8.8 | AI score 8.5 | EPSS 0.01334
Exploits: 2 | References: 12 | Affected Software: 1

Debian CVE
added 2016/03/06 2:0 a.m. | 26 views

CVE-2016-1631

Removed by vendor...

CVSS 8.8 | AI score 9.3 | EPSS 0.01334
Exploits: 2

Debian CVE
added 2016/03/06 2:0 a.m. | 27 views

CVE-2016-1630

Removed by vendor...

CVSS 8.8 | AI score 9.3 | EPSS 0.01068
Exploits: 1

Debian
added 2016/03/05 9:22 p.m. | 49 views

[SECURITY] [DSA 3507-1] chromium-browser security update

Debian Security Advisory DSA-3507-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 05, 2016 https://www.debian.org/security/faq -...

CVSS 10 | AI score 9.4 | EPSS 0.10339
Exploits: 3