Vulnerability & Exploit Database

Displaying all 7 entries

Results for: CVE-2015-6790 Back to search

Ubuntu: USN-2860-1 (CVE-2015-6790): Oxide vulnerabilities Vulnerability

  • Severity: 4
  • Published: December 14, 2015

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character i...

SUSE: CVE-2015-6790: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: December 14, 2015

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character i...

RHSA-2015:2618: chromium-browser security update Vulnerability

  • Severity: 10
  • Published: December 14, 2015

Chromium is an open-source web browser, powered by WebKit (Blink).Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Chromium to crash, executearbitrary code, or disclose sensitive information when visited by thevictim. (CVE-2015-6788, CVE-2015-6789, CVE-2015-6790, CVE-...

Google Chrome Vulnerability: CVE-2015-6790 Vulnerability

  • Severity: 4
  • Published: December 14, 2015

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character i...

Gentoo Linux: CVE-2015-6790: Chromium: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: December 14, 2015

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character i...

Debian: CVE-2015-6790: chromium-browser -- security update Vulnerability

  • Severity: 4
  • Published: December 14, 2015

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character i...