Apple

Safari

1591 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2010-1099

  • EPSS 0.16%
  • Veröffentlicht 24.03.2010 22:45:16
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.

5

CVE-2010-1029

Exploit
  • EPSS 35.17%
  • Veröffentlicht 19.03.2010 21:30:00
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap...

9.3

CVE-2010-0049

  • EPSS 30.07%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

9.3

CVE-2010-0050

  • EPSS 46.37%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

4.3

CVE-2010-0051

  • EPSS 2.4%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

9.3

CVE-2010-0052

  • EPSS 8.54%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

9.3

CVE-2010-0053

  • EPSS 5.6%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.

9.3

CVE-2010-0054

  • EPSS 8.54%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

9.3

CVE-2010-0040

  • EPSS 19.78%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a...

4.3

CVE-2010-0041

  • EPSS 1.19%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 29.04.2026 01:13:23

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...