CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1076
https://notcve.org/view.php?id=CVE-2015-1076
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1081
https://notcve.org/view.php?id=CVE-2015-1081
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1083
https://notcve.org/view.php?id=CVE-2015-1083
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web modificado, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2015-03-17-1. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html http://lists.apple.com/archives/security-announce/2015/Apr/msg00003.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html http://lists.apple.com/archives/security-announce/2015/Mar/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://www.securitytracker.com/id/1031936 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204560 https://support • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 81EXPL: 0CVE-2009-2200
https://notcve.org/view.php?id=CVE-2009-2200
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0.3 no restringe apropiadamente el esquema URL del atributo pluginspage de un elemento EMBED, lo que permite a los atacantes remotos asistidos por usuarios lanzar un archivo arbitrario: URLs y obtener información sensible a través de un documento HTML manipulado. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://www.securityfocus.com/bid/36024 http://www.securitytracker.com/id?1022720 http://www.vupen.com/english/advisories/2011/0212 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 90%CPEs: 81EXPL: 1CVE-2009-2195 – WebKit - Floating Point Number Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-2195
Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers. Desbordamiento de búfer en WebKit en Apple Safari anteriores a v4.0.3, permite a los atacantes remotos ejecutar arbitrariamente código o causar una denegación de servicio (caída de la aplicación) a través de un número punto-flotante manipulado. • https://www.exploit-db.com/exploits/33164 http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/36023 http://www.securitytracker.com/id?1022717 http://www.vupen.com/english/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •