[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1024 Download | Alert*

Security researcher Jordi Chancel reported a mechanism where the cursor can be rendered invisible after it has been used on an embedded flash object when used outside of the object. This flaw can be in used in combination with an image of the cursor manipulated through JavaScript, leading to clickjacking during interactions with HTML content subsequently. This issue only affects OS X and is not pr ...

Security researcher Christian Heimes reported that the RFC 6125 for wildcard certificates. This leads to improper wildcard matching of domains when they should not be matched in compliance with the specification. This issue was fixed in NSS version 3.16.

The host is missing a security update according to Apple advisory, APPLE-SA-2014-06-30-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is missing a security update according to Adobe advisory, APSB14-04. The update is required to fix an integer underflow vulnerability. A flaw is present in the application, which fails to handle certain vectors related to memory. Successful exploitation allows attackers to execute arbitrary code.

The host is missing a critical security update according to Adobe advisory, APSB14-13. The update is required to fix buffer overflow vulnerability. A flaw is present in the application, which fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successful exploitation allows attackers to execute arbitrary code.

Mozilla developers David Chan and Gijs Kruitbosch reported that it is possible to create a drag and drop event in web content which mimics the behavior of a chrome customization event. This can occur when a user is customizing a page or panel. This results in a limited ability to move UI icons within the visible window but does not otherwise affect customization or window content.

Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a use-after-free in the event listener manager. This can be triggered by web content and leads to a potentially exploitable crash. This issue was introduced in Firefox 29 and does not affect earlier versions.

Security researcher Looben Yang reported a buffer overflow in Gamepad API when it is exercised with a gamepad device with non-contiguous axes. This can be either an actual physical device or by the installation of a virtual gamepad. This results in a potentially exploitable crash. The Gamepad API was introduced in Firefox 29 and this issue does not affect earlier versions.

The host is missing a critical security update according to Mozilla advisory, MFSA2016-96. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code or crash the service.

The host is missing a critical security update according to Mozilla advisory, MFSA2014-91. A flaw is present in the applications which fails to properly handle a Chrome Object Wrapper. Successful exploitation allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.


Pages:      Start    86    87    88    89    90    91    92    93    94    95    96    97    98    99    ..   102

© 2013 SecPod Technologies