Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2011-1457

  • EPSS 3%
  • Veröffentlicht 21.07.2011 23:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...

9.3

CVE-2011-1462

  • EPSS 3%
  • Veröffentlicht 21.07.2011 23:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...

8.8

CVE-2011-1774

  • EPSS 76.75%
  • Veröffentlicht 21.07.2011 23:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425.

9.3

CVE-2011-1797

  • EPSS 1.48%
  • Veröffentlicht 21.07.2011 23:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...

9.3

CVE-2010-1383

  • EPSS 0.56%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.

4.3

CVE-2010-1420

  • EPSS 0.18%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.

5

CVE-2011-0214

  • EPSS 0.11%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certificatio...

9.3

CVE-2011-0215

  • EPSS 1.75%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.

9.3

CVE-2011-0216

  • EPSS 2.31%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

4.3

CVE-2011-0217

  • EPSS 0.18%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fiel...