Cross site request forgery (csrf)

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect...

CVE-2014-1552

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect...

CVE-2014-1552

CVE-2014-1552 is referenced in a 2014 Mozilla/Firefox advisory set (SUSE-SU-2014:0960-1) and in MFSA2014-66, with openVAS entries tying Firefox-related advisories to this CVE. The SUSE advisory lists CVE-2014-1552 among fixed items for Mozilla products, and shows a high severity/impact context (c...

CVE-2014-1552

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect...

IFRAME sandbox same-origin access through redirect — Mozilla

Mozilla developer Boris Zbarsky discovered an issue where network-level redirects cause an sandbox to forget its unique origin and behave as if the allow-same-origin keyword were applied. This allows the sandboxed content to access other content from the same origin without explicit approval...

CVE-2014-3160

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file...

CVE-2014-3161

The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayerandroid.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video...

Design/Logic Flaw

The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayerandroid.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video...

Design/Logic Flaw

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file...

CVE-2014-3161

The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayerandroid.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video...

CVE-2014-3160

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file...

CVE-2014-3160

CVE-2014-3160 affects Chromium/Blink: the ResourceFetcher::canRequest logic allowed subresource SVG requests to bypass Same Origin Policy. This is a remote-origin bypass via crafted SVG files in Chrome prior to 36.0.1985.125. Public advisories (Debian, openSUSE, Gentoo, Ubuntu) document the issue...

CVE-2014-3161

The CVE-2014-3161 entry corresponds to a vulnerability in Google Chrome for Android prior to 36.0.1985.122, where WebMediaPlayerAndroid::load did not properly handle redirects, allowing remote attackers to bypass the Same Origin Policy via a crafted site hosting a video stream. This is supported ...

CVE-2014-3160

Removed by vendor...

CVE-2014-3160

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file...

FreeBSD : chromium -- multiple vulnerabilities (3718833e-0d27-11e4-89db-000c6e25e3e9)

Google Chrome Releases reports : 26 security fixes in this release, including - 380885 Medium CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian Schneider. - 393765 CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives. %NASLMINLEVEL 70300 C Tenable...

Chrome for Android Update Patches URL Spoofing Bug

The latest update to Chrome on Android – pushed yesterday – fixes two bugs, including a critical flaw in the browser that could have let an attacker trick a user into visiting a malicious site. The problem, marked high priority by Google, was discovered by Japanese app developer Keita Haga. The...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 26 security fixes in this release, including 380885 Medium CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian Schneider. 393765 CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives...

Stable Channel Update

The Chrome Team is excited to announce the promotion of Chrome 36 to the Stable channel for Windows, Mac and Linux. Chrome 36.0.1985.125 contains a number of fixes and improvements, including: Rich Notifications Improvements An Updated Incognito / Guest NTP design The addition of a Browser crash...

Adobe AIR <= AIR 14.0.0.110 Multiple Vulnerabilities (APSB14-17)

According to its version, the instance of Adobe AIR on the remote Windows host is equal or prior to 14.0.0.110. It is, therefore, affected by the following vulnerabilities : - A CSRF bypassing Same Origin Policy vulnerability exists that could leak potentially sensitive data. CVE-2014-4671 -...