MidnightBSD

Advisories for flock

CVE-2010-1236 MEDIUM

The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted javascript: URL, as demonstrated by a \x00javascript:alert sequence.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
google chrome 4.0.275.1
google chrome 4.0.305.0
google chrome 4.0.223.8
google chrome 4.0.300.0
google chrome 4.0.244.0
google chrome 4.1.249.1010
google chrome 4.0.249.35
google chrome 4.0.296.0
google chrome 2.0.169.1
google chrome 4.0.288.1
google chrome 4.0.288.0
google chrome 3.0.195.33
google chrome 4.0.249.67
google chrome 4.0.222.1
google chrome 4.1.249.1013
google chrome 4.0.222.12
google chrome 4.0.249.34
google chrome 4.0.251.0
google chrome 4.0.249.58
google chrome 4.0.249.52
google chrome 4.0.249.69
google chrome 4.1.249.1001
google chrome 3.0.190.2
google chrome 1.0.154.59
google chrome 4.0.249.29
google chrome 4.0.259.0
google chrome 2.0.172.2
google chrome 4.1.249.1033
google chrome 4.0.249.17
google chrome 4.0.249.24
google chrome 4.0.292.0
google chrome 4.1.249.1006
google chrome 4.0.265.0
google chrome 0.1.40.1
google chrome 4.0.271.0
google chrome 4.1.249.1023
google chrome 4.0.249.11
google chrome 4.0.245.0
google chrome 0.1.38.2
google chrome 4.0.249.77
google chrome 4.0.267.0
google chrome 4.0.249.31
google chrome 2.0.169.0
google chrome 4.0.249.68
google chrome 4.0.249.62
google chrome 4.0.249.63
google chrome 4.1.249.1026
google chrome 4.1.249.1025
google chrome 4.0.299.0
google chrome 4.0.249.14
google chrome 4.0.249.43
google chrome 4.0.252.0
google chrome 4.1.249.1030
google chrome 3.0.195.38
google chrome 4.0.249.2
google chrome 4.0.249.32
google chrome 4.1.249.1011
google chrome 4.0.249.36
google chrome 4.0.295.0
google chrome 4.0.249.33
google chrome 4.1.249.1032
google chrome 4.0.222.0
google chrome 4.1.249.1015
google chrome 4.0.249.70
google chrome 4.0.255.0
google chrome 4.0.266.0
google chrome 4.0.235.0
google chrome 4.0.290.0
google chrome 4.1.249.1019
google chrome 4.0.249.50
google chrome 4.0.245.1
google chrome 4.0.249.8
google chrome 4.0.275.0
google chrome 4.1.249.1024
google chrome 4.0.249.89
google chrome 4.0.241.0
google chrome 4.0.240.0
google chrome 4.0.258.0
google chrome 4.0.263.0
google chrome 4.0.246.0
google chrome 4.0.249.4
google chrome 4.0.223.9
google chrome 4.0.249.39
google chrome 4.0.289.0
google chrome 4.0.304.0
google chrome 4.1.249.1031
google chrome 4.0.236.0
google chrome 4.0.249.41
google chrome 4.0.249.64
google chrome 4.0.262.0
google chrome 2.0.172.30
google chrome 4.0.249.38
google chrome 4.0.249.6
google chrome 0.1.42.2
google chrome 4.0.249.30
google chrome 4.0.249.61
google chrome 4.0.249.20
google chrome 4.0.249.51
google chrome 4.0.249.47
google chrome 4.0.249.82
google chrome 4.1.249.1016
google chrome 4.0.303.0
google chrome 4.0.249.25
google chrome 4.0.212.0
google chrome 4.0.249.74
google chrome 4.0.222.5
google chrome 4.0.261.0
google chrome 4.0.249.16
google chrome 4.0.302.3
google chrome 4.0.249.46
google chrome 0.1.38.1
google chrome 4.0.249.3
google chrome 4.0.249.44
google chrome 4.0.249.23
google chrome 4.0.249.53
google chrome 4.0.249.60
google chrome 2.0.172.8
google chrome 2.0.172.38
google chrome 4.0.277.0
google chrome 4.0.249.75
google chrome *
google chrome 4.1.249.1004
google chrome 4.0.249.72
google chrome 4.0.249.28
google chrome 2.0.172.28
google chrome 4.0.249.7
google chrome 4.0.249.57
google chrome 4.0.223.0
google chrome 4.1.249.1007
google chrome 4.0.249.9
flock flock 3.0.0.4094
google chrome 4.0.249.59
google chrome 4.0.249.78
google chrome 4.0.250.0
google chrome 4.0.223.4
google chrome 4.1.249.1008
google chrome 4.0.302.0
google chrome 2.0.170.0
google chrome 1.0.154.53
google chrome 1.0.154.65
google chrome 4.0.254.0
google chrome 4.0.249.21
google chrome 4.0.287.0
google chrome 4.0.249.65
google chrome 4.0.286.0
google chrome 4.0.249.42
google chrome 3.0.182.2
google chrome 4.0.249.48
google chrome 4.0.249.71
google chrome 4.0.249.40
google chrome 4.0.249.12
google chrome 4.0.249.54
google chrome 4.0.239.0
google chrome 4.0.223.2
google chrome 3.0.195.27
google chrome 4.1.249.1017
google chrome 4.0.256.0
google chrome 4.0.243.0
google chrome 3.0.195.36
google chrome 2.0.172.27
google chrome 4.0.249.37
google chrome 4.0.249.80
google chrome 4.1.249.1014
google chrome 4.0.237.1
google chrome 4.0.247.0
google chrome 4.1.249.1027
google chrome 4.0.249.22
google chrome 4.1.249.1022
google chrome 4.1.249.1012
google chrome 4.0.248.0
google chrome 4.0.249.5
google chrome 4.0.212.1
google chrome 4.0.264.0
google chrome 4.0.268.0
google chrome 4.0.250.2
google chrome 4.0.249.18
google chrome 4.0.278.0
google chrome 2.0.172.37
google chrome 4.0.223.5
google chrome 4.0.249.10
google chrome 4.0.223.1
google chrome 4.0.276.0
google chrome 4.0.224.0
google chrome 4.0.249.76
google chrome 3.0.195.25
google chrome 4.0.249.45
google chrome 4.0.249.55
google chrome 4.0.249.79
google chrome 4.1.249.1020
google chrome 4.0.272.0
google chrome 4.1.249.1009
google chrome 4.0.249.26
google chrome 4.0.249.0
google chrome 4.0.249.56
google chrome 4.0.249.81
google chrome 4.1.249.0
google chrome 4.0.257.0
google chrome 4.0.269.0
google chrome 4.0.249.73
google chrome 4.0.301.0
google chrome 3.0.195.37
google chrome 4.0.249.66
google chrome 4.1.249.1018
google chrome 4.0.249.19
google chrome 4.0.260.0
google chrome 4.0.294.0
google chrome 4.0.302.1
google chrome 4.0.302.2
google chrome 4.0.242.0
google chrome 4.0.223.7
google chrome 4.1.249.1021
google chrome 4.0.221.8
google chrome 4.1.249.1034
google chrome 4.0.249.1
google chrome 4.1.249.1028
google chrome 4.0.229.1
google chrome 4.0.237.0
google chrome 4.0.249.27
google chrome 2.0.172.33
google chrome 0.1.38.4
google chrome 1.0.154.64
google chrome 4.0.249.49
google chrome 4.1.249.1029
google chrome 0.1.42.3
CVE-2010-3202 MEDIUM

Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 allows remote attackers to inject arbitrary web script or HTML via a crafted bookmark.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
flock flock 3.0.0.3989
CVE-2010-3262 MEDIUM

Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before 3.0.0.4114 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
flock flock *