CVE-2015-6679

CVE-2015-6679 affects Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 (Windows/macOS) and before 11.2.202.521 (Linux), plus Adobe AIR before 19.0.0.190. The issue is a bypass of the Same Origin Policy that can lead to information disclosure via unspecified vectors. Connected advis...

Google Chrome < 45.0.2454.99 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is prior to 45.0.2454.99. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567, CVE-2015-5579 - A vector...

Adobe Flash Player for Mac <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)

The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 18.0.0.232. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567,...

Adobe Flash Player <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.232. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567,...

MS KB3087040: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge

The remote Windows host is missing KB3087040. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567, CVE-2015-5579 - A vector length corruption issue exists that allows a remot...

Adobe AIR <= 18.0.0.199 Multiple Vulnerabilities (APSB15-23)

The version of Adobe AIR installed on the remote Windows host is equal or prior to version 18.0.0.199. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567, CVE-2015-5579 - A...

Adobe AIR for Mac <= 18.0.0.199 Multiple Vulnerabilities (APSB15-23)

The version of Adobe AIR installed on the remote Mac OS X host is equal or prior to version 18.0.0.199. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567, CVE-2015-5579 - A...

flash -- multiple vulnerabilities

Adobe reports: These updates resolve a type confusion vulnerability that could lead to code execution CVE-2015-5573. These updates resolve use-after-free vulnerabilities that could lead to code execution CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682. These updates...

Securifi Almond Access Restriction Bypass Vulnerability

Securifi Almond is a wireless router product from Securifi. The Securifi Almond 2015's web management interface does not enforce the same-origin policy in the X-Frame-Options response header, allowing remote attackers to exploit specially crafted web pages that can be used for clickjacking attack...

Orient Technologies Studio for OrientDB Server Community Edition Clickjacking Vulnerability

Orient Technologies Studio for OrientDB Server Community Edition is a community edition of OrientDB Server from Orient Technologies, UK. Orient Technologies Studio for OrientDB Server Community Edition fails to enforce the same-origin policy by default in the X-Frame-Options response header,...

CVE-2015-5827

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a 1 custom event, 2 message event, or 3 pop state event...

CVE-2015-5826

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element...

CVE-2015-5826

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2015-5827

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a 1 custom event, 2 message event, or 3 pop state event...

Authentication flaw

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

Design/Logic Flaw

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a 1 custom event, 2 message event, or 3 pop state event...

Design/Logic Flaw

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element...

UBUNTU-CVE-2015-5827

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a 1 custom event, 2 message event, or 3 pop state event...

UBUNTU-CVE-2015-5826

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...