CVE-2011-0223
https://notcve.org/view.php?id=CVE-2011-0223
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, como se usa en el navegaodor Safari de Apple antes de v5.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio ( corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit que figuran en APPLE-SA-2011-07-20-1. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1420
https://notcve.org/view.php?id=CVE-2010-1420
Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en CFNetwork en Apple Safari anterior a v5.0.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un fichero en texto plano manipulado • http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-0222 – Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
https://notcve.org/view.php?id=CVE-2011-0222
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, como se usa en el navegaodor Safari de Apple antes de v5.0.6, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio ( corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabilidad diferente a otros CVEs de WebKit que figuran en APPLE-SA-2011-07-20-1. • https://www.exploit-db.com/exploits/17567 https://www.exploit-db.com/exploits/17575 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://securityreason.com/securityalert/8313 http://securityreason.com/securityalert/8315 http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://suppo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0219
https://notcve.org/view.php?id=CVE-2011-0219
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts. Apple Safari anterior a v5.0.6 permite a atacantes remotos evitar el Same Origin Policy, y modificar el renderizado de texto de sitios web de su elección, a través de un applet Java que carga fuentes. • http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-0237
https://notcve.org/view.php?id=CVE-2011-0237
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, empleado en Safari anterior a v5.0.6, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria o caída de aplicación) a través de un sitio web manipulado. Vulnerabilidad distinta de APPLE-SA-2011-07-20-1. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •