CVSS: 6.5EPSS: 9%CPEs: 25EXPL: 0CVE-2006-1552
https://notcve.org/view.php?id=CVE-2006-1552
31 Mar 2006 — Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". • http://drunkenblog.com/drunkenblog-archives/000760.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2004-1314
https://notcve.org/view.php?id=CVE-2004-1314
22 Dec 2004 — Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 1CVE-2004-1199
https://notcve.org/view.php?id=CVE-2004-1199
15 Dec 2004 — Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029458.html •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 2CVE-2004-0361 – Apple Safari 1.x - Large JavaScript Array Handling Denial of Service
https://notcve.org/view.php?id=CVE-2004-0361
18 Mar 2004 — The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array. • https://www.exploit-db.com/exploits/23793 •