Creditee: Sergey Glazunov

Known Contact Information:

  • (as of 2011-01-12)

Known Affiliations:

  • None at this time

Disclosed Vulnerabilities (50):

Disc. Date  OSVDB ID  CVE ID  Title
2012-09-25 85764 2012-2886 Google V8 NewFunction Function Universal XSS
2012-09-04 85775 2012-2889 WebKit Frame Element Handling Universal XSS
2012-04-05 81042 2011-3072 WebKit JavaScript Bindings Parenting Pop-up Window Cross-Origin Violation
2012-04-05 81037 2011-3067 WebKit Cross-Origin iframe Replacement Same Origin Policy Bypass
2012-03-29 80741 2011-3063 Google Chrome Renderer Navigation Request Validation Weakness
2012-03-21 80292 2011-3054 Google Chrome Webui Privilege Isolation Weakness
2012-03-21 80294 2011-3056 WebKit Magic iframe Same Origin Policy Bypass
2012-03-09 79893 2011-3046 WebKit Unspecified Universal XSS / History Navigation Remote Code Execution
2012-03-08 79965 2012-0586 WebKit Unspecified XSS (2012-0586)
2012-03-08 79966 2012-0587 WebKit Unspecified XSS (2012-0587)
2012-03-08 79920 2012-0598 WebKit Website Handling Unspecified Memory Corruption (2012-0598)
2011-10-25 90390 2011-3881 WebKit V8DOMWindow::namedPropertyGetter Same Origin Policy Bypass
2011-10-25 76552 2011-3881 WebKit HTMLPlugInImageElement::allowedToLoadFrameURL JavaScript URI Same Origin Policy Bypass
2011-10-25 90389 2011-3881 WebKit XSLT-generated Document Security Origin Inheritance Same Origin Policy Bypass
2011-10-25 90388 2011-3881 WebKit ScriptController::executeIfJavaScriptURL Synchronous Frame Load Confusion Same Origin Policy Bypass
2011-10-25 90387 2011-3881 WebKit DOMWindow Sub-objects Recreation After Navigation Same Origin Policy Bypass
2011-10-12 76353 2011-3243, 2011-2342 WebKit DOMWindow::setLocation Inactive DOM Window Handling Universal XSS
2011-10-04 76063 2011-2878 WebKit Window Prototype Named Property Confusion Same Origin Policy Bypass
2011-08-22 74696 2011-2826 Google Chrome Empty Origin Same Origin Policy Bypass
2011-08-22 74700 2011-2829 Google Chrome Unspecified Uniform Array Handling Overflow
2011-08-02 74233 2011-2783 Google Chrome Extensions Developer-Mode NPAPI Plugin Installation Confirmation Weakness
2011-08-02 74228 2011-2358 Google Chrome Extension Installation Confirmation Weakness
2011-06-07 72789 2011-1819 Google Chrome Installed Extensions Unsafe Permissions Weakness
2011-06-07 72790 2011-2332 Google Chrome window.execScript Universal XSS
2011-04-27 72216 2011-1451 WebKit Non-styled Element Removal ID Mapping Use-after-free
2011-04-27 72218 2011-1454 Google Chrome DOM id Use-after-free Unspecified DoS
2011-04-19 72207 2011-1442 WebKit Node Removal Custom Event Handlers DOM Tree Corruption
2011-03-25 72262 2011-1296 WebKit SVG Text Handling 'insertedIntoDocument' Stale Pointer
2011-03-08 72487 2011-1199 WebKit V8DataView::constructorCallback DataView Object Handling Remote Code Execution
2011-03-08 72489 2011-1201 WebKit WebGL Rendering Context Removal Use-after-free Remote Code Execution
2011-03-08 72479 2011-1191 Google Chrome DOM URL Handling Use-after-free Remote Code Execution
2011-03-08 72491 2011-1203 Google Chrome SVG Cursors Stale Pointer Remote Code Execution
2011-03-08 72492 2011-1204 Google Chrome Attribute Handling DOM Tree Corruption
2011-03-02 71541 2011-0140 WebKit CSSStyleSheet / CSSRuleList CSS Rule Deletion Use-after-free
2011-03-01 72283 2011-1110 WebKit Key Frame Rule Stylesheet Removal Use-after-free
2011-01-26 90383 Google Chrome Speech API Pending Speech Recognition Use-after-free Code Execution
2011-01-12 70454 2011-0471, 2011-0111 WebKit Node-iteration Pointer Handling Use-after-free
2011-01-12 70465 2011-0482, 2011-0136 WebKit FrameView::scrollToAnchor Bad Cast Memory Corruption
2011-01-12 70468 2011-0485 Google Chrome Speech Data Stale Pointer Arbitrary Code Execution
2010-12-30 70466 2011-0483, 2011-0168, 2011-0165 WebKit Video Handling HTMLVideoElement Bad Cast Memory Corruption
2010-12-13 70106 2010-4578, 2011-0143 WebKit SVG Cursor Element Handling Use-after-free
2010-12-13 70456 2011-0473, 2011-0137 WebKit CSS Token Sequence CANVAS Element Use-after-free Issue
2010-10-19 68851 2010-3180 Mozilla Multiple Products nsBarProp Function Use-after-free Closed Window locationbar Property Arbitrary Code Execution
2010-08-19 67458 2010-3112, 2010-3414 Google Chrome Select File Dialog Listener Object Use-after-free
2010-08-19 67462 2010-3116 WebKit MIME Type Handling PluginData Page Pointer Page Destruction Use-after-free
2010-08-19 67464 2010-3117 Google Chrome Notifications UI Manager Implementation Use-after-free
2010-08-19 89663 2010-3116 WebKit MIME Type Handling PluginData Page Pointer Page Refreshing Use-after-free
2010-07-02 66043 2010-2645 WebKit WebGL WebGLUnsignedIntArrayInternal::getCallback Out-of-bounds Read Memory Disclosure
2010-06-08 65329 2010-1418, 2010-2296 WebKit iframe.src JavaScript URL Multiple DOM Aliases Cross-Origin Bypass UXSS
2010-03-17 63111 2010-1233 Google Chrome WebKit WebGL Arrays JavaScript Object Integer Overflow Issues

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.