CVSS: 7.5EPSS: 1%CPEs: 74EXPL: 0CVE-2010-1408
https://notcve.org/view.php?id=CVE-2010-1408
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos eludir restricciones en conexiones saliente... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-189: Numeric Errors CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 2%CPEs: 74EXPL: 0CVE-2010-1410
https://notcve.org/view.php?id=CVE-2010-1410
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su elección o causar una denegación de servicio (corrupción de memoria y... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 11EXPL: 0CVE-2010-1750
https://notcve.org/view.php?id=CVE-2010-1750
11 Jun 2010 — Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Windows permite a los atacantes remotos ejecutar código a su elección o causar una denegación de servicio (fallo de la aplicación) a través de vectores relacionados con la inadecuada gestión de ventanas. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 74EXPL: 0CVE-2010-1416
https://notcve.org/view.php?id=CVE-2010-1416
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted canvas, related to a "cross-site image capture issue." Webkit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior v4.1 en Mac OS X v10.4, no restringe adecuadamente la lectura de un "ca... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 13%CPEs: 74EXPL: 0CVE-2010-1392 – Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1392
09 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML buttons and the first-letter CSS style. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar có... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1396 – Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1396
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes r... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1397 – Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1397
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type. Una vulnerabilidad de uso de la memoria previamente liberada en WebKit en Safari de Apple anterior a versión 5.0 sobr... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 12%CPEs: 74EXPL: 0CVE-2010-1399 – Apple Webkit SelectionController via Marquee Event Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1399
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, accede a memoria no inicializada durante un cambio de selección en un elem... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1401 – Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1401
08 Jun 2010 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. Vulnerabilidad de uso despues de liberacion en la implementación de las hojas de estilo en cascada (CSS) en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1398 – Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1398
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •