CVSS: 4.3EPSS: 1%CPEs: 34EXPL: 1CVE-2009-1681
https://notcve.org/view.php?id=CVE-2009-1681
10 Jun 2009 — WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0 no previene que páginas web sean cargadas en contenidos de terceros dentro de un "submarco", lo que permite a los atacantes remotos evitar la Política Origi... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html •
CVSS: 9.3EPSS: 1%CPEs: 34EXPL: 1CVE-2009-1686
https://notcve.org/view.php?id=CVE-2009-1686
10 Jun 2009 — WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. WebKit en Apple Safari antes de v4.0 no maneja adecuadamente constantes (alias const) declaradas en una operación de ... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 3%CPEs: 34EXPL: 1CVE-2009-1687 – kdelibs: Integer overflow in KJS JavaScript garbage collector
https://notcve.org/view.php?id=CVE-2009-1687
10 Jun 2009 — The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer." El JavaScript garbage collector en WebKit en Apple Safari anteriores a v4.0 no maneja adecuadamente la ... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-190: Integer Overflow or Wraparound CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 6%CPEs: 76EXPL: 1CVE-2009-1690 – kdelibs: KHTML Incorrect handling <head> element content once the <head> element was removed (DoS, ACE)
https://notcve.org/view.php?id=CVE-2009-1690
10 Jun 2009 — Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers.... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 3%CPEs: 34EXPL: 0CVE-2009-1709 – Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1709
08 Jun 2009 — Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." Vulnerabilidad de uso después de la liberación en la implementación de la recolección de basura en WebCore en WebKit en Apple Safari anterior... • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 6.1EPSS: 3%CPEs: 70EXPL: 1CVE-2009-0162 – Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-0162
13 May 2009 — Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Safari v3.2.3 y v4 Beta Pública, en el Apple Mac OS X v10.5 y anteriores a v10.5.7 y Windows permite a atacantes remotos inyectar script web arbitrario o HTML a través de una suscripción manipulada: URL. • https://www.exploit-db.com/exploits/32994 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 8%CPEs: 72EXPL: 0CVE-2009-0945 – Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0945
13 May 2009 — Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SV... • http://code.google.com/p/chromium/issues/detail?id=9019 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 25%CPEs: 21EXPL: 0CVE-2009-0946 – freetype: multiple integer overflows
https://notcve.org/view.php?id=CVE-2009-0946
17 Apr 2009 — Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. Múltiples desbordamientos de entero en FreeType v2.3.9 y anteriores permiten a atacantes remotos ejecutar código de su elección mediante vectores relacionados con valores grandes en ciertas entradas en (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, y (3) cff/cffload.c. This GLSA contains ... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 2CVE-2009-0744 – Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-0744
27 Feb 2009 — Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an & (ampersand) character. Apple Safari v4 beta Build 528,16 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída de la aplicación) a través de los c... • https://www.exploit-db.com/exploits/32817 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 83%CPEs: 15EXPL: 1CVE-2008-3529 – Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
https://notcve.org/view.php?id=CVE-2008-3529
12 Sep 2008 — Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Desbordamiento de búfer basado en pila en la función xmlParseAttValueComplex en el módulo parser.c de libxml2 versiones anteriores a 2.7.0 permite a atacantes dependientes del contexto provocar una denegación de servicio (parada inesperada) o la posibilidad de ejecutar código de su ... • https://www.exploit-db.com/exploits/8798 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •