Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the _android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function. allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs. Google Chrome before 308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906. Cross-application scripting vulnerability in Google Chrome before 308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |