Page 222 of 1351 results (0.011 seconds)

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 1

CVE-2010-1822

https://notcve.org/view.php?id=CVE-2010-1822

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. WebKit, tal y como es usado en Safari de Apple anterior a versión 4.1.3 y versiones 5.0.x anteriores a 5.0.3 y Chrome de Google anterior a versión 6.0.472.62, no realiza apropiadamente una conversión de una variable no especificada, que permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un elemento SVG en un documento que no sea SVG. • http://code.google.com/p/chromium/issues/detail?id=55114 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4455 http://support • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0

CVE-2010-1823

https://notcve.org/view.php?id=CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. Vulnerabilidad de usar después de liberar en WebKit en versiones anteriores a la vr65958, como se utiliza en Google Chrome en versiones anteriores a la v6.0.472.59, permite a atacantes remotos provocar una denegación de servicio y posiblemente provocar otros daños a través de vectores de ataque que provocan el uso de las APIs document tal como document.close durante el parseo, como se ha demostrado por un fichero de hojas de estilo en cascada (CSS) referenciando un "font" SVG, también conocido como problema rdar 8442098. • http://code.google.com/p/chromium/issues/detail?id=50250 http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://www& • CWE-416: Use After Free •

CVSS: 9.3EPSS: 4%CPEs: 10EXPL: 0

CVE-2010-1806 – Apple Safari Webkit Runin Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-1806

Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers. Vulnerabilidad de uso después de la liberación en Apple Safari v4.x anteriores a v4.1.2 y v5.x anteriores a v5.0.2 , permite a atacantes remotos ejecutar código o provacar una denegación de servicio (caída de la aplicación) a través del acondicionamiento del estilo de un elemento, relacionado con objeto de punteros. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of an element containing the run-in property. When a block box is appended as the sibling of a run-in box, the run-in box will be promoted to the first inline box. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html http://secunia.com/advisories/42314 http://support.apple.com/kb/HT4333 http://support.apple.com/kb/HT4456 http://www.securityfocus.com/bid/43049 http://www.vupen.com/english/advisories/2010/3046 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11729 • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 11EXPL: 0

CVE-2010-1805

https://notcve.org/view.php?id=CVE-2010-1805

Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari. Vulnerabilidad ruta de búsqueda no confiable en Apple Safari v4.x anteriores a v4.1.2 y v5.x anteriores a v5.0.2 en Windows, permite a usuarios locales obtener privilegios a través del troyano explorer.exe (también conocido como Windows Explorer), programa que en un directorio contiene un fichero que puede ser descargado por Safari. • http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html http://support.apple.com/kb/HT4333 http://www.securityfocus.com/bid/43048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11956 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 92%CPEs: 24EXPL: 2

CVE-2010-1807 – Google Android 2.0 < 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222/TCP)

https://notcve.org/view.php?id=CVE-2010-1807

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. WebKit en Apple Safari v4.x anteriores a v4.1.2 y v5.x anteriores a v5.0.2 no valida de forma adecuada los datos con punto flotante, lo que permite a atacantes remotos ejecutar código o provocar una denegación de servicio (caída de la aplicación) a través de un documento HTML manipulado. • https://www.exploit-db.com/exploits/15423 https://www.exploit-db.com/exploits/15548 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia.com/advisories/43086 http://support.apple.com/kb&# • CWE-20: Improper Input Validation •