Apple

Safari

1536 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2010-1179

Exploit
  • EPSS 3.98%
  • Published 29.03.2010 19:30:00
  • Last modified 11.04.2025 00:51:21

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly...

9.3

CVE-2010-1180

Exploit
  • EPSS 5.13%
  • Published 29.03.2010 19:30:00
  • Last modified 11.04.2025 00:51:21

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long exception string in a throw statement, possibly a related issue to CVE-2009-1514.

4.3

CVE-2010-1131

Exploit
  • EPSS 1.58%
  • Published 27.03.2010 19:07:11
  • Last modified 11.04.2025 00:51:21

JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to cause a denial of service (application crash) via an HTML document composed of many successive occurrences of the <object> substring.

10

CVE-2010-1119

  • EPSS 24.42%
  • Published 25.03.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of serv...

10

CVE-2010-1120

  • EPSS 3.03%
  • Published 25.03.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.

5

CVE-2010-1099

  • EPSS 0.16%
  • Published 24.03.2010 22:45:16
  • Last modified 11.04.2025 00:51:21

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.

5

CVE-2010-1029

Exploit
  • EPSS 37.62%
  • Published 19.03.2010 21:30:00
  • Last modified 11.04.2025 00:51:21

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap...

9.3

CVE-2010-0049

  • EPSS 36.53%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

9.3

CVE-2010-0050

  • EPSS 45.13%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

4.3

CVE-2010-0051

  • EPSS 2.4%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.