NotCVE - vendor:"Apple" product:"Safari" version:"5.0.4"

Page 201 of 1083 results (0.013 seconds)

CVSS: 6.8EPSS: 0%CPEs: 99EXPL: 0

CVE-2011-3231

https://notcve.org/view.php?id=CVE-2011-3231

The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate. La implementación SSL en Apple Safari anterior a v5.1.1 en MAC OS X anterior a v10.7 accede a memoria no inicializada durante el procesamiento de certificados X.509, permitiendo a servidores web remotos ejecutar código arbitrario mediante una certificado manipulado. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/76390 http://support.apple.com/kb/HT5000 https://exchange.xforce.ibmcloud.com/vulnerabilities/70568 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.8EPSS: 93%CPEs: 99EXPL: 1

CVE-2011-3230 – Apple Safari - 'file://' Arbitrary Code Execution

https://notcve.org/view.php?id=CVE-2011-3230

Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site. Apple Safari anterior a v5.1.1 en Mac OS X no aplica una política destinada a archivo: URLs, que permiten a atacantes remotos ejecutar código arbitrario a través de un sitio web diseñado. Apple Safari versions prior to 5.1.1 fail to enforce an intended policy for file:// URLs and in turn allows for remote attackers to execute code. • https://www.exploit-db.com/exploits/17986 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/76389 http://support.apple.com/kb/HT5000 http://www.securityfocus.com/bid/50162 https://exchange.xforce.ibmcloud.com/vulnerabilities/70567 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 126EXPL: 0

CVE-2011-3243

https://notcve.org/view.php?id=CVE-2011-3243

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en WebKit, como se utiliza en Apple iOS antes de v5 y Safari antes de v5.1.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores que implican ventanas DOM inactivas. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/76353 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 http://www.securityfocus.com/bid/50088 https://exchange.xforce.ibmcloud.com/vulnerabilities/70564 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2011-2877

https://notcve.org/view.php?id=CVE-2011-2877

Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font." Google Chrome antes de v14.0.835.202 no controla correctamente el texto SVG, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que conducen a una fuente de letra bloqueada. • http://code.google.com/p/chromium/issues/detail?id=95072 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/id •

CVSS: 6.8EPSS: 8%CPEs: 4EXPL: 0

CVE-2011-2854

https://notcve.org/view.php?id=CVE-2011-2854

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." Vulnerabilidad de uso después de liberación en Google Chrome antes de v14.0.835.163 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con "el manejo del estilo ruby/table." • http://code.google.com/p/chromium/issues/detail?id=92651 http://code.google.com/p/chromium/issues/detail?id=94800 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/75556 http://secunia.com/advisories/48274 http://secunia • CWE-416: Use After Free •

1...199 200 201 202 203