CVSS: 5.0EPSS: 0%CPEs: 69EXPL: 0CVE-2009-2841
https://notcve.org/view.php?id=CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202. WebKit en Apple Safari en versiones anteriores a la 4.0.4 en Mac OS X no realiza las devoluciones de llamada esperadas para elementos multimedia HTML 5 que tienen URLs externas para recursos multimedia, lo que permite a atacantes remotos disparar peticiones a sitios web de su elección mediante un documento HTML manipulado, tal como se ha demostrado por un mensaje de correo electrónico HTML que usa un elemento multimedia para la funcionalidad X-Confirm-Reading-To. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59941 http://secunia.com/advisories/37346 http://secunia.com/advisories/40557 http://secunia.com/ •
CVSS: 4.3EPSS: 0%CPEs: 59EXPL: 0CVE-2009-2842
https://notcve.org/view.php?id=CVE-2009-2842
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site. Apple Safari en versiones anteriores a la 4.0.4 no implementa de manera apropiada las opciones de menu (1) Open Image y (2) Open Link, lo que permite a atacantes remotos leer ficheros HTML locales mediante un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://osvdb.org/59942 http://secunia.com/advisories/37346 http://support.apple.com/kb/HT3949 http://www.securityfocus.com/bid/36994 http://www.securitytracker.com/id?1023164 http://www.vupen.com/english/advisories/2009/3217 https://exchange.xforce.ibmcloud.com/vulnerabilities/54238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5915 •
CVSS: 7.5EPSS: 0%CPEs: 48EXPL: 0CVE-2009-3455
https://notcve.org/view.php?id=CVE-2009-3455
Apple Safari, possibly before 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Apple Safari, posiblemente anterior a v4.0.3, en Mac OS X no maneja adecuadamente un carácter '\0' en un nombre de dominio de sujeto en el campo Common Name (CN) de un certificado X.509, lo que permite a atacantes hombre-en-el-medio (Man-in-the-middle) suplantar cualquier servidor SSL a través de un certificado manipulado expedido por una Autoridad de Certificación legítima, relacionado con CVE-2009-2408. • http://www.networkworld.com/news/2009/091709-microsoft-ie-security-hole.html http://www.securityfocus.com/bid/36477 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 62%CPEs: 6EXPL: 2CVE-2009-3272 – Apple Safari 3.2.3 (Windows x86) - JavaScript 'eval' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-3272
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences. Vulnerabilidad de agotamiento de pila en WebKit.dll en WebKit en Apple Safari v3.2.3, y posiblemente otras versiones anteriores a v4.1.2, permite a atacantes remotos provocar una denegación de servicio (fin de la aplicación) mediante código JavaScript que realiza peticiones de evaluación sobre una cadena larga compuesta de secuencias A/. • https://www.exploit-db.com/exploits/9606 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://www.exploit-db.com/exploits/9606 http://www.vupen.com/english/advisories/2011/0212 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 3%CPEs: 73EXPL: 0CVE-2009-2804
https://notcve.org/view.php?id=CVE-2009-2804
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. Un desbordamiento enteros en ColorSync en Mac OS X versiones 10.4.11 y 10.5.8, y Safari anterior a versión 4.0.4, de Apple, en Windows, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un bloqueo de un perfil ColorSync diseñado insertado en una imagen, conllevando a un desbordamiento de búfer en la región heap de la memoria. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/57949 http://secunia.com/advisories/36701 http://secunia.com/advisories/37346 http://support.apple.com/kb/HT3865 http://support.apple.com/kb/HT3949 http://www.securityfocus.com/bid/36357 http://www.vupen.com/english/advisories/2009/3217 https://exchange.xforce.ibmcloud.com/vulnerabilities/53166 • CWE-189: Numeric Errors •