8287 matches found
CVE-2011-0166
CVE-2011-0166 applies to WebKit in Apple Safari up to version 5.0.3, where HTML5 drag-and-drop could bypass Same Origin Policy and leak sensitive data. Root cause: drag-and-drop handling in WebKit. Impact: user-assisted remote information disclosure with no explicit exploit details provided. Reme...
CVE-2011-0161
CVE-2011-0161 affects WebKit as used in Apple Safari before 5.0.4 and iOS before 4.3. The vulnerability arises from how the Attr.style accessor is handled, allowing remote attackers to bypass the Same Origin Policy and inject CSS token sequences via a crafted website. The described impact is that...
CVE-2011-0167
CVE-2011-0167 is a WebKit/WebKit-based vulnerability in Apple Safari affecting Safari before 5.0.4. The issue allows remote attackers to bypass the Same Origin Policy and force the upload of arbitrary local files from a client computer via a crafted website. The condition is a cross-origin/contro...
CVE-2011-0169
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console.inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted web site...
CVE-2011-0169
The CVE-2011-0169 entry concerns WebKit in Apple Safari prior to 5.0.4. The vulnerability stems from improper handling of the window.console._inspectorCommandLineAPI property when the Web Inspector is active, allowing user‑assisted remote attackers to bypass the Same Origin Policy and perform cro...
CVE-2011-1190
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
CVE-2011-1193
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
CVE-2011-1187
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
UBUNTU-CVE-2011-1190
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
Design/Logic Flaw
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
Design/Logic Flaw
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
UBUNTU-CVE-2011-1193
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
Design/Logic Flaw
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
CVE-2011-1190
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
CVE-2011-1193
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors...
CVE-2011-1187
CVE-2011-1187 affects Google Chrome prior to 10.0.648.127, allowing remote attackers to bypass the Same Origin Policy via an unspecified error-message leak vector. The vulnerability targets the browser’s SOP checks, enabling cross-origin access that should be restricted. Public sources within the...
CVE-2011-1190
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
CVE-2011-1187
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."...
CVE-2011-1190
CVE-2011-1190 involves the Web Workers cross-origin issue in Chrome before 10.0.648.127. The vulnerability allowed remote attackers to bypass the Same Origin Policy via an error-message leak, potentially exposing partial data to other origins. Affected software: Google Chrome/Chromium WebKit impl...
CVE-2011-1193
CVE-2011-1193 affects Google Chrome’s V8 engine; Google Chrome before 10.0.648.127 can bypass the Same Origin Policy via unspecified vectors. Affected product: Google Chrome (V8). Root cause: SOP bypass in the V8/SOP handling. Impact per sources: partial confidentiality, integrity, and availabili...