CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 2CVE-2006-2019 – Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-2019
25 Apr 2006 — Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. • https://www.exploit-db.com/exploits/1715 •
CVSS: 9.8EPSS: 80%CPEs: 4EXPL: 3CVE-2006-1987
https://notcve.org/view.php?id=CVE-2006-1987
21 Apr 2006 — Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. • http://secunia.com/advisories/19686 •
CVSS: 9.8EPSS: 80%CPEs: 4EXPL: 3CVE-2006-1986
https://notcve.org/view.php?id=CVE-2006-1986
21 Apr 2006 — Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. • http://secunia.com/advisories/19686 •
CVSS: 7.8EPSS: 18%CPEs: 38EXPL: 1CVE-2006-1985 – Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow
https://notcve.org/view.php?id=CVE-2006-1985
21 Apr 2006 — Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 2CVE-2006-1988
https://notcve.org/view.php?id=CVE-2006-1988
21 Apr 2006 — The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. • http://secunia.com/advisories/19686 •
CVSS: 6.5EPSS: 9%CPEs: 25EXPL: 0CVE-2006-1552
https://notcve.org/view.php?id=CVE-2006-1552
31 Mar 2006 — Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". • http://drunkenblog.com/drunkenblog-archives/000760.html • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4678
https://notcve.org/view.php?id=CVE-2005-4678
31 Dec 2005 — Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://secunia.com/advisories/17618 •
CVSS: 7.8EPSS: 37%CPEs: 75EXPL: 3CVE-2005-4504 – Apple Mac OSX - KHTMLParser Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-4504
22 Dec 2005 — The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. • https://www.exploit-db.com/exploits/26971 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3897
https://notcve.org/view.php?id=CVE-2005-3897
29 Nov 2005 — Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. • http://marc.info/?l=bugtraq&m=113278010907401&w=2 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2524
https://notcve.org/view.php?id=CVE-2005-2524
25 Oct 2005 — Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site. • http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html •