CVE-2010-0041
- EPSS 2.52%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:17
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...
CVE-2010-0042
- EPSS 2.52%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:17
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte...
CVE-2010-0043
- EPSS 5.8%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:17
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
CVE-2010-0044
- EPSS 1.53%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:18
PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.
CVE-2010-0045
- EPSS 4.4%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:18
Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.
CVE-2010-0046
- EPSS 5.93%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:18
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.
CVE-2010-0047
- EPSS 5.04%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:18
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."
CVE-2010-0048
- EPSS 5.04%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 16.06.2026 23:15:18
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.
- EPSS 1.16%
- Veröffentlicht 03.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:08
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element...
- EPSS 1.16%
- Veröffentlicht 03.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:08
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element...