|
302731
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.
|
CWE-200
Information Exposure
|
CVE-2010-4046
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302732
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scrip…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4045
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302733
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size.
|
CWE-20
Improper Input Validation
|
CVE-2010-4044
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302734
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive infor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4043
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302735
|
9.8 |
CRITICAL
Network
|
google
opensuse
|
chrome
opensuse
|
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "sta…
|
CWE-20
Improper Input Validation
|
CVE-2010-4042
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302736
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unsp…
|
NVD-CWE-noinfo
|
CVE-2010-4041
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302737
|
7.8 |
HIGH
Local
|
google
debian
opensuse
|
chrome
debian_linux
opensuse
|
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact …
|
CWE-20
Improper Input Validation
|
CVE-2010-4040
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302738
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4039
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302739
|
7.5 |
HIGH
Network
|
google
|
chrome
|
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspec…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2010-4038
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302740
|
- |
|
google
|
chrome
|
Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4037
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
