8304 matches found
CVE-2012-2401
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...
CVE-2012-2401
CVE-2012-2401 affects WordPress before 3.3.2 via Plupload 1.5.3 and related components, where SWF content loaded from any domain could bypass Same Origin Policy, enabling cross-site scripting/credential risks as described in the vulnerability entry. Root cause: improper origin checks in Plupload ...
CVE-2012-2401
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...
Opera Cache History Information Disclosure Vulnerability - Linux
Opera is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements...
CVE-2011-3072
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows...
CVE-2011-3072
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows...
Design/Logic Flaw
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements...
CVE-2011-3072
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows...
CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements...
Design/Logic Flaw
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows...
CVE-2011-3067
Removed by vendor...
CVE-2011-3072
Removed by vendor...
CVE-2011-3072
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows...
CVE-2011-3067
Technical details for CVE-2011-3067 are not publicly provided in the connected documents. Please monitor for updates; available sources mention Chrome/SOP issue in general terms but do not specify affected components, versions, or fixes in these materials.
CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements...
CVE-2011-3072
CVE-2011-3072 affects Google Chrome prior to 18.0.1025.151, where remote attackers could bypass the Same Origin Policy via popup-related vectors. The issue is part of a set of Chromium/Chrome vulnerabilities; impact includes partial confidentiality, integrity, and availability. Remediation: updat...
CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements...
CVE-2012-1926
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...
Design/Logic Flaw
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...