Vulnerability & Exploit Database

Displaying all 7 entries

Results for: CVE-2015-6785 Back to search

Ubuntu: USN-2825-1 (CVE-2015-6785): Oxide vulnerabilities Vulnerability

  • Severity: 4
  • Published: December 05, 2015

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leve...

SUSE: CVE-2015-6785: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 05, 2015

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leve...

Google Chrome Vulnerability: CVE-2015-6785 Vulnerability

  • Severity: 4
  • Published: December 05, 2015

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leve...

Gentoo Linux: CVE-2015-6785: Chromium: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: December 05, 2015

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leve...

Debian: CVE-2015-6785: chromium-browser -- security update Vulnerability

  • Severity: 4
  • Published: December 05, 2015

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leve...

RHSA-2015:2545: chromium-browser security update Vulnerability

  • Severity: 10
  • Published: December 03, 2015

Chromium is an open-source web browser, powered by WebKit (Blink).Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Chromium to crash, executearbitrary code, or disclose sensitive information when visited by thevictim. (CVE-2015-6764, CVE-2015-6765, CVE-2015-6766, CVE-...