Apple

Safari

1582 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2010-1120

  • EPSS 3.03%
  • Veröffentlicht 25.03.2010 21:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.

5

CVE-2010-1099

  • EPSS 0.16%
  • Veröffentlicht 24.03.2010 22:45:16
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.

5

CVE-2010-1029

Exploit
  • EPSS 32.17%
  • Veröffentlicht 19.03.2010 21:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap...

9.3

CVE-2010-0049

  • EPSS 30.07%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

9.3

CVE-2010-0050

  • EPSS 46.37%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

4.3

CVE-2010-0051

  • EPSS 2.4%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

9.3

CVE-2010-0052

  • EPSS 8.54%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

9.3

CVE-2010-0053

  • EPSS 5.6%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.

9.3

CVE-2010-0054

  • EPSS 8.54%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

9.3

CVE-2010-0040

  • EPSS 19.78%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a...