- EPSS 3.23%
- Published 01.11.2004 05:00:00
- Last modified 03.04.2025 01:03:51
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
CVE-2004-0720
- EPSS 0.53%
- Published 27.07.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2003-0514
- EPSS 2.71%
- Published 15.04.2004 04:00:00
- Last modified 03.04.2025 01:03:51
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e...
- EPSS 0.58%
- Published 15.12.2003 05:00:00
- Last modified 03.04.2025 01:03:51
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVE-2003-0370
- EPSS 0.94%
- Published 16.06.2003 04:00:00
- Last modified 03.04.2025 01:03:51
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
- EPSS 0.35%
- Published 09.06.2003 04:00:00
- Last modified 03.04.2025 01:03:51
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.