CVE-2013-1713

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-si...

CVE-2013-1714

CVE-2013-1714 concerns Mozilla Firefox and related Mozilla components. The affected products are Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20. Root cause (per the connected MiracleLinux/Nessus entry):...

Debian DSA-2732-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2881 Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling. - CVE-2013-2882 Cloudfuzzer discovered a type confusion issue in the V8 JavaScript library. - CVE-2013-2883 Cloudfuzzer...

Same-origin bypass with web workers and XMLHttpRequest — Mozilla

Mozilla community member Federico Lanusse reported a mechanism where a web worker can violate same-origin policy and bypass cross-origin checks through XMLHttpRequest. This could allow for cross-site scripting XSS attacks by web workers...

Wrong principal used for validating URI for some Javascript components — Mozilla

Security researcher Cody Crews reported that some Javascript components will perform checks against the wrong uniform resource identifier URI before performing security sensitive actions. This will return an incorrect location for the originator of the call. This could be used to bypass same-orig...

CVE-2013-1714

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy a...

Debian: Security Advisory (DSA-2735-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-1713

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-si...

[SECURITY] [DSA 2732-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2732-1 [email protected] http://www.debian.org/security/ Michael Gilbert July 31, 2013 http://www.debian.org/security/faq -...

CVE-2013-2881

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2013-2881

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

Authentication flaw

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

Debian Security Advisory DSA 2732-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the Chromium web browser. CVE-2013-2881 Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling. CVE-2013-2882 Cloudfuzzer discovered a type confusion issue in the V8 javascript library. CVE-2013-2883 Cloudfuzzer...

DSA-2732-1 chromium-browser - several

Bulletin has no description...

CVE-2013-2881

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2013-2881

CVE-2013-2881 affects Chromium/Google Chrome prior to 28.0.1500.95, where improper handling of frames allowed remote attackers to bypass the Same Origin Policy via a crafted website. Debian’s advisory and multiple security bulletins confirm the vulnerability and list CVE-2013-2881 among others, w...

CVE-2013-2881

Removed by vendor...

Debian: Security Advisory (DSA-2732-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Seamonkey Security Bypass Vulnerabilities - Oct 12 (Mac OS X)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeysecbypassvulnoct12macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Seamonkey Security Bypass Vulnerabilities - Oct 12 Mac OS X Authors: Arun Kallavi...

Mozilla Seamonkey Security Bypass Vulnerabilities - Oct 12 (Windows)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeysecbypassvulnoct12win.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Seamonkey Security Bypass Vulnerabilities - Oct 12 Windows Authors: Arun Kallavi Copyright...