CVSS: 9.3EPSS: 3%CPEs: 34EXPL: 1CVE-2009-1687 – kdelibs: Integer overflow in KJS JavaScript garbage collector
https://notcve.org/view.php?id=CVE-2009-1687
10 Jun 2009 — The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer." El JavaScript garbage collector en WebKit en Apple Safari anteriores a v4.0 no maneja adecuadamente la ... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-190: Integer Overflow or Wraparound CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 6%CPEs: 76EXPL: 1CVE-2009-1690 – kdelibs: KHTML Incorrect handling <head> element content once the <head> element was removed (DoS, ACE)
https://notcve.org/view.php?id=CVE-2009-1690
10 Jun 2009 — Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers.... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 3%CPEs: 48EXPL: 1CVE-2009-1701 – Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2009-1701
08 Jun 2009 — Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute. Vulnerabilidad de uso después de la liberación en la implementación en WebKit en Apple Safari anteriores a v4.0... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 4%CPEs: 34EXPL: 0CVE-2009-1709 – Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1709
08 Jun 2009 — Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified "caches." Vulnerabilidad de uso después de la liberación en la implementación de la recolección de basura en WebCore en WebKit en Apple Safari anterior... • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.3EPSS: 7%CPEs: 62EXPL: 1CVE-2009-1698 – Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1698
08 Jun 2009 — WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0 no inicializa un puntero durante el proceso de llamada de función attr C... • http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 3%CPEs: 70EXPL: 1CVE-2009-0162 – Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-0162
13 May 2009 — Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Safari v3.2.3 y v4 Beta Pública, en el Apple Mac OS X v10.5 y anteriores a v10.5.7 y Windows permite a atacantes remotos inyectar script web arbitrario o HTML a través de una suscripción manipulada: URL. • https://www.exploit-db.com/exploits/32994 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 9%CPEs: 72EXPL: 0CVE-2009-0945 – Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0945
13 May 2009 — Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SV... • http://code.google.com/p/chromium/issues/detail?id=9019 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 25%CPEs: 21EXPL: 0CVE-2009-0946 – freetype: multiple integer overflows
https://notcve.org/view.php?id=CVE-2009-0946
17 Apr 2009 — Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. Múltiples desbordamientos de entero en FreeType v2.3.9 y anteriores permiten a atacantes remotos ejecutar código de su elección mediante vectores relacionados con valores grandes en ciertas entradas en (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, y (3) cff/cffload.c. This GLSA contains ... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2009-1233 – Apple Safari 3.2.2/4b - nested elements XML Parsing Remote Crash
https://notcve.org/view.php?id=CVE-2009-1233
02 Apr 2009 — Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements. Apple Safari v3.2.2 y v4 Beta en Windows permite a atacantes remotos producir una denegación de servicio (caída de aplicación) a través de un documento XML que contiene elementos "A" anidados. • https://www.exploit-db.com/exploits/8325 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 2CVE-2009-0744 – Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-0744
27 Feb 2009 — Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an & (ampersand) character. Apple Safari v4 beta Build 528,16 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída de la aplicación) a través de los c... • https://www.exploit-db.com/exploits/32817 • CWE-20: Improper Input Validation •