Apple

Safari

1582 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2010-0041

  • EPSS 1.19%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...

4.3

CVE-2010-0042

  • EPSS 0.96%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...

9.3

CVE-2010-0043

  • EPSS 16.21%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

4.3

CVE-2010-0044

  • EPSS 0.46%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

9.3

CVE-2010-0045

  • EPSS 2.73%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.

9.3

CVE-2010-0046

  • EPSS 9.03%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.

9.3

CVE-2010-0047

  • EPSS 10.32%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."

9.3

CVE-2010-0048

  • EPSS 7.9%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

5

CVE-2010-0924

Exploit
  • EPSS 0.74%
  • Veröffentlicht 03.03.2010 19:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element...

5

CVE-2010-0925

Exploit
  • EPSS 0.48%
  • Veröffentlicht 03.03.2010 19:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element...