Apple

Safari

1536 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2010-0052

  • EPSS 8.54%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

9.3

CVE-2010-0053

  • EPSS 6.5%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.

9.3

CVE-2010-0054

  • EPSS 8.54%
  • Published 15.03.2010 14:15:32
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

9.3

CVE-2010-0040

  • EPSS 19.78%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a...

4.3

CVE-2010-0041

  • EPSS 1.19%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...

4.3

CVE-2010-0042

  • EPSS 0.96%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...

9.3

CVE-2010-0043

  • EPSS 16.21%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

4.3

CVE-2010-0044

  • EPSS 0.46%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

9.3

CVE-2010-0045

  • EPSS 2.73%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.

9.3

CVE-2010-0046

  • EPSS 9.03%
  • Published 15.03.2010 13:28:25
  • Last modified 11.04.2025 00:51:21

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.