8287 matches found
Moderate: Red Hat Security Advisory: webkitgtk security update
Updated webkitgtk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, ar...
webkit: cross-origin image theft
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially...
Google Chrome Multiple Vulnerabilities (Dec 2010) - Windows
Google Chrome is prone to multiple vulnerabilities...
GLSA-201012-01 : Chromium: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201012-01 Chromium: Multiple vulnerabilities Multiple vulnerabilities were found in Chromium. For further information please consult the release notes referenced below. Impact : A remote attacker could trick a user to perform a se...
Microsoft Internet Explorer CVE-2010-3342 Cross Domain Information Disclosure Vulnerability
Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Firefox 3.6.13 pseudo-URL SOP check bug (CVE-2010-3774)
Hi folks, Firefox 3.6.13 fixes an interesting bug in their same-origin policy logic for pseudo-URLs that do not have any inherent origin associated with them. These documents are normally expected to inherit the context from their parent, or be assigned a unique one. This didn't work as expected ...
CVE-2010-4483
Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site...
Design/Logic Flaw
Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site...
CVE-2010-4483
Removed by vendor...
CVE-2010-4483
CVE-2010-4483 affects Google Chrome up to version 8.0.552.214 (before 8.0.552.215). The issue is an information-disclosure vulnerability where read access to videos derived from CANVAS elements is not properly restricted, allowing remote attackers to bypass the Same Origin Policy and potentially ...
SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 3455 / 3456)
This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...
SuSE 11 / 11.1 Security Update : Mozilla XULrunner (SAT Patch Numbers 3557 / 3558)
This update brings the Mozilla XULRunner engine to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Som...
SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2780 / 2781)
This update brings Mozilla Firefox to the 3.5.11 security release. It fixes the following security issues: - Several memory safety bugs have been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption under certain...
RHEL 6 : thunderbird (RHSA-2010:0896)
The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2010:0896 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. A race condition flaw was found in the way Thunderbird handled Document Objec...
RHEL 6 : firefox (RHSA-2010:0861)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0861 advisory. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A race condition flaw was...
Mozilla cross-site information disclosure via modal calls
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which...
Moderate: Red Hat Security Advisory: thunderbird security update
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity rating...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...