CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2004-1314
https://notcve.org/view.php?id=CVE-2004-1314
Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://secunia.com/advisories/13252 http://secunia.com/multiple_browsers_window_injection_vulnerability_test http://secunia.com/secunia_research/2004-13/advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/18397 •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1CVE-2004-1199
https://notcve.org/view.php?id=CVE-2004-1199
Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029458.html http://www.securityfocus.com/bid/11759 https://exchange.xforce.ibmcloud.com/vulnerabilities/18282 •
CVSS: 5.0EPSS: 3%CPEs: 3EXPL: 2CVE-2004-0361 – Apple Safari 1.x - Large JavaScript Array Handling Denial of Service
https://notcve.org/view.php?id=CVE-2004-0361
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array. • https://www.exploit-db.com/exploits/23793 http://marc.info/?l=bugtraq&m=107861828510106&w=2 http://www.insecure.ws/article.php?story=2004021918172533 http://www.securityfocus.com/bid/9815 https://exchange.xforce.ibmcloud.com/vulnerabilities/15413 •