CVE-2015-6755

Removed by vendor...

CVE-2015-6755

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...

CVE-2015-6762

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

UBUNTU-CVE-2015-6755

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin...

Design/Logic Flaw

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain...

Adobe Flash Player Same-Origin Policy Bypass Information Disclosure Vulnerability (CNVD-2015-06679)

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an unspecified same-origin policy bypass vulnerability. This allows remote attackers to construct malicious SWF content and trick users into parsing it, which could lead to sensitive information...

CVE-2015-7628

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain...

SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:1742-1)

flash-player was updated to version 11.2.202.535 to fix 13 security issues bsc950169. These security issues were fixed : - A vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-7628. - A defense-in-depth feature in the Flash broker AP...

FreeBSD : flash -- multiple vulnerabilities (a63f2c06-726b-11e5-a12b-bcaec565249c)

Adobe reports : These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-7628. These updates include a defense-in-depth feature in the Flash broker API CVE-2015-5569. These updates resolve use-after-free...

UBUNTU-CVE-2015-7628

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain...

UBUNTU-CVE-2015-6762

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:1379-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0305)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-7628

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain...

CVE-2015-7628

Adobe Flash Player and related AIR components contain a Same Origin Policy bypass vulnerability (CVE-2015-7628) that could lead to information disclosure. Affected products include Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows/macOS, and before 11.2.202.535 on Linux, plus A...

Updated flash-player-plugin packages fixes security vulnerabilities

Adobe Flash Player 11.2.202.535 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to...

flashplugin: multiple issues

CVE-2015-5569 information leak, insufficient hardening These updates include a defense-in-depth feature in the Flash broker API. - CVE-2015-7625 CVE-2015-7626 CVE-2015-7627 CVE-2015-7630 CVE-2015-7633 CVE-2015-7634 arbitrary code execution These updates resolve memory corruption vulnerabilities...

Adobe AIR for Mac <= 19.0.0.190 Multiple Vulnerabilities (APSB15-25)

The version of Adobe AIR installed on the remote Mac OS X host is equal or prior to version 19.0.0.190. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability exists related to the defense-in-depth feature in the Flash Broker API. No other details are available...

Google Chrome < 46.0.2490.71 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is prior to 46.0.2490.71. It is, therefore, affected by multiple vulnerabilities : - A same-origin bypass vulnerability exists in Blink that allows an attacker to bypass the same-origin policy. CVE-2015-6755 - A use-after-free err...

Google Chrome < 46.0.2490.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 46.0.2490.71. It is, therefore, affected by multiple vulnerabilities : - A same-origin bypass vulnerability exists in Blink that allows an attacker to bypass the same-origin policy. CVE-2015-6755 - A use-after-free erro...