Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2006-1987

Exploit
  • EPSS 4.52%
  • Veröffentlicht 21.04.2006 22:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of ...

5

CVE-2006-1988

Exploit
  • EPSS 1.43%
  • Veröffentlicht 21.04.2006 22:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a ...

5

CVE-2006-1552

  • EPSS 3.82%
  • Veröffentlicht 31.03.2006 11:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".

5

CVE-2005-4678

  • EPSS 0.34%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details ar...

7.8

CVE-2005-4504

Exploit
  • EPSS 21.77%
  • Veröffentlicht 22.12.2005 23:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files wit...

7.8

CVE-2005-3897

  • EPSS 0.68%
  • Veröffentlicht 29.11.2005 21:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.

5

CVE-2005-2524

  • EPSS 0.4%
  • Veröffentlicht 26.10.2005 00:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site.

5

CVE-2005-3018

Exploit
  • EPSS 4.45%
  • Veröffentlicht 21.09.2005 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

7.5

CVE-2005-2516

  • EPSS 1.07%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.

2.6

CVE-2005-2517

  • EPSS 0.31%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.