49 matches found
WebKit - Universal XSS in HTMLFrameElementBase::isURLAllowed Exploit
VULNERABILITY DETAILS HTMLFrameElementBase.cpp: bool HTMLFrameElementBase::isURLAllowed const if mURL.isEmpty // 4 return true; return isURLAlloweddocument.completeURLmURL; bool HTMLFrameElementBase::isURLAllowedconst URL& completeURL const if document.page && document.page-subframeCount =...
WebKit - Universal XSS in HTMLFrameElementBase::isURLAllowed
VULNERABILITY DETAILS HTMLFrameElementBase.cpp: bool HTMLFrameElementBase::isURLAllowed const if mURL.isEmpty // 4 return true; return isURLAlloweddocument.completeURLmURL; bool HTMLFrameElementBase::isURLAllowedconst URL& completeURL const if document.page && document.page-subframeCount =...
WebKit CachedFrame Universal Cross Site Scripting
WebKit: UXSS: CachedFrame doesn't detach openers CVE-2017-2528 When a document loads "about:blank" or "about:srcdoc", it tries to inherit the security origin from its parent frame, or its opener frame if the parent frame doesn't exist. Normally, it doesn't happen that a subframe's document inheri...
Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting
frameOwners; if policy == RootAndDescendants if isroot frameOwners.appenddowncastroot; collectFrameOwnersframeOwners, root; // Must disable frame loading in the subtree so an unload handler cannot // insert more frames and create loaded frames in detached subtrees. SubframeLoadingDisabler...
CVE-2016-5132
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME...
UBUNTU-CVE-2016-5132
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME...
CVE-2016-1664
The HistoryController::UpdateForCommit function in content/renderer/historycontroller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web sit...
CVE-2016-1664
The HistoryController::UpdateForCommit function in content/renderer/historycontroller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web sit...
chromium-browser: address bar spoofing
The HistoryController::UpdateForCommit function in content/renderer/historycontroller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web sit...
Internet Explorer 4.1/5.0/4.0.1 Subframe Spoofing Vulnerability
No description provided by source. Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0 Subframe Spoofing Vulnerability source: http://www.securityfocus.com/bid/855/info IE's...
CVE-2013-5227
Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields...
Design/Logic Flaw
Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields...
CVE-2013-5227
Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields...
CVE-2013-5227
CVE-2013-5227 (Safari autofill origin tracking) affects Apple Safari, where remote attackers could bypass Same Origin Policy and discover credentials by triggering autofill of subframe form fields. The vulnerability is described as: Safari may autofill user names and passwords into a subframe fro...
CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...
CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...
CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...
Design/Logic Flaw
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...
UBUNTU-CVE-2011-3021
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...
CVE-2011-3021
CVE-2011-3021 affects Google Chrome up to version 17.0.963.56, where a use-after-free in the subframe loading path allows remote attackers to cause a denial of service and potentially other impacts. The issue is triggered via subframe loading vectors and is described as a use-after-free vulnerabi...