CVSS: 9.3EPSS: 6%CPEs: 62EXPL: 1CVE-2009-1698 – Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1698
08 Jun 2009 — WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0 no inicializa un puntero durante el proceso de llamada de función attr C... • http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 3%CPEs: 48EXPL: 1CVE-2009-1701 – Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2009-1701
08 Jun 2009 — Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute. Vulnerabilidad de uso después de la liberación en la implementación en WebKit en Apple Safari anteriores a v4.0... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 3%CPEs: 34EXPL: 0CVE-2009-1709 – Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1709
08 Jun 2009 — Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." Vulnerabilidad de uso después de la liberación en la implementación de la recolección de basura en WebCore en WebKit en Apple Safari anterior... • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 6.1EPSS: 3%CPEs: 70EXPL: 1CVE-2009-0162 – Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-0162
13 May 2009 — Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Safari v3.2.3 y v4 Beta Pública, en el Apple Mac OS X v10.5 y anteriores a v10.5.7 y Windows permite a atacantes remotos inyectar script web arbitrario o HTML a través de una suscripción manipulada: URL. • https://www.exploit-db.com/exploits/32994 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 8%CPEs: 72EXPL: 0CVE-2009-0945 – Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0945
13 May 2009 — Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SV... • http://code.google.com/p/chromium/issues/detail?id=9019 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-476: NULL Pointer Dereference •
CVSS: 2.6EPSS: 2%CPEs: 16EXPL: 0CVE-2008-4233
https://notcve.org/view.php?id=CVE-2008-4233
25 Nov 2008 — Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. Safari en Apple iPhone OS v1.0 hasta v2.1 e iPhone OS para iPod touch v1.1 hasta v2.1; no aísla el diálogo de aceptar llamadas (call-approval) del proceso de lanzamiento de nuevas aplicaciones, esto permite a atacantes remotos realizar llamadas d... • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html •
CVSS: 6.5EPSS: 1%CPEs: 16EXPL: 0CVE-2008-4232
https://notcve.org/view.php?id=CVE-2008-4232
25 Nov 2008 — Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. Safari en Apple iPhone OS 2.0 hasta 2.1 y iPhone OS para iPod touch 2.1 no restringe mostrar contenidos IFRAME para los límites del IFRAME, el cual permite a los atacantes remotos espiar una interfaz de usuario a través de documentos HTML manipulados. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html •
CVSS: 9.3EPSS: 12%CPEs: 16EXPL: 0CVE-2008-4231
https://notcve.org/view.php?id=CVE-2008-4231
25 Nov 2008 — Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Safari en Apple iPhone OS v1.0 hasta v2.1 e iPhone OS para iPod touch v1.1 hasta v2.1 no maneja adecuadamente los elementos HTML TABLE, esto permite a atacantes remotos ejecutar código de su elección o provocar una denegaci... • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 3.3EPSS: 0%CPEs: 42EXPL: 0CVE-2008-3644
https://notcve.org/view.php?id=CVE-2008-3644
17 Nov 2008 — Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache. Apple Safari anterior a v3.2. no previene de forma adecuada el cambio de los datos del formulario para campos de formulario que tienen autocompletar desactivado; esto permite a usuarios locales obtener información sensible al leer la página cacheada en el navegador. • http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 29%CPEs: 45EXPL: 0CVE-2008-3623
https://notcve.org/view.php?id=CVE-2008-3623
17 Nov 2008 — Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces. Desbordamiento de búfer basado en montículo en CoreGraphics en Apple Safari antes de v3.2 en Windows permite a atacantes remotos ejecutar código de su elección o provocar una denegac... • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •