8386 matches found
Comodo Chromodo Browser Disables Same-Origin Policy
Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages...
Comodo's so-called 'Secure Internet Browser' Comes with Disabled Security Features
Beware Comodo Users! Have you Safeguarded your PC with a Comodo Antivirus? Then you need to inspect your system for privacy and security concerns. First of all, make sure whether your default browser had been changed to "Chromodo" -- a free browser offered by Comodo Antivirus. If your head nod is...
openSUSE Security Update : seamonkey (openSUSE-2016-126) (SLOTH)
SeaMonkey was updated to 2.40 boo959277 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - CVE-2015-7201/CVE-2015-7202: Miscellaneous memory safety hazards - CVE-2015-7204: Cra...
openSUSE Security Update : SeaMonkey (openSUSE-2016-129) (SLOTH)
This update for SeaMonkey fixes the following issues : - update to SeaMonkey 2.40 bnc959277 - requires NSS 3.20.2 to fix MFSA 2015-150/CVE-2015-7575 bmo1158489 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous...
Mozilla Firefox Multiple Vulnerabilities (Jan 2016) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Ruby on Rails jquery-ujs和jquery-rails安全绕过漏洞
Impact In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" note the leading space that will be passed to JQuery, who...
Mozilla Firefox < 43.0 Multiple Vulnerabilities
Binary data 9058.prm...
Microsoft Internet Explorer Security Mechanism Bypass Vulnerability (CNVD-2016-00287)
Microsoft Internet Explorer is a popular web browser introduced by Microsoft and bundled with the Windows operating system. A security vulnerability exists in Microsoft Internet Explorer that could be exploited by remote attackers to construct malicious Web pages that could be tricked into parsin...
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2859-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2859-1 advisory. Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening...
USN-2859-1: Thunderbird vulnerabilities
Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitra...
CVE-2016-0005
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."...
CVE-2016-0005
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."...
Privilege escalation
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."...
CVE-2016-0005
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."...
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x, SL7.x i386/x86_64 (20160105)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213 A...
thunderbird security update
CentOS Errata and Security Advisory CESA-2016:0001 An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
RHEL 5 / 6 / 7 : thunderbird (RHSA-2016:0001)
An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RedHat Update for thunderbird RHSA-2016:0001-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: thunderbird security update
An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Mozilla: Cross-site reading attack through data: and view-source: URIs (MFSA 2015-149)
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs...