Apple

Safari

1563 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-4678

  • EPSS 0.34%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details ar...

7.8

CVE-2005-4504

Exploit
  • EPSS 21.77%
  • Veröffentlicht 22.12.2005 23:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files wit...

7.8

CVE-2005-3897

  • EPSS 0.68%
  • Veröffentlicht 29.11.2005 21:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.

5

CVE-2005-2524

  • EPSS 0.4%
  • Veröffentlicht 26.10.2005 00:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site.

5

CVE-2005-3018

Exploit
  • EPSS 4.45%
  • Veröffentlicht 21.09.2005 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

7.5

CVE-2005-2516

  • EPSS 1.07%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.

2.6

CVE-2005-2517

  • EPSS 0.31%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.

5.1

CVE-2005-2522

  • EPSS 2.86%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.

5

CVE-2005-2594

Exploit
  • EPSS 4.59%
  • Veröffentlicht 17.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.

2.6

CVE-2005-2272

Exploit
  • EPSS 1.25%
  • Veröffentlicht 13.07.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing...