CVE-2009-4186 – Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-4186
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. Vulnerabilidad de consumo de pila en Apple Safari v4.0.3 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un valor largo en el valor de la URI (también conocida como url) sobre la propiedad "background" en los CSS. • https://www.exploit-db.com/exploits/10102 http://www.exploit-db.com/exploits/10102 http://www.securityfocus.com/bid/37039 https://exchange.xforce.ibmcloud.com/vulnerabilities/54487 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-2841
https://notcve.org/view.php?id=CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202. WebKit en Apple Safari en versiones anteriores a la 4.0.4 en Mac OS X no realiza las devoluciones de llamada esperadas para elementos multimedia HTML 5 que tienen URLs externas para recursos multimedia, lo que permite a atacantes remotos disparar peticiones a sitios web de su elección mediante un documento HTML manipulado, tal como se ha demostrado por un mensaje de correo electrónico HTML que usa un elemento multimedia para la funcionalidad X-Confirm-Reading-To. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59941 http://secunia.com/advisories/37346 http://secunia.com/advisories/40557 http://secunia.com/ •
CVE-2009-2842
https://notcve.org/view.php?id=CVE-2009-2842
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site. Apple Safari en versiones anteriores a la 4.0.4 no implementa de manera apropiada las opciones de menu (1) Open Image y (2) Open Link, lo que permite a atacantes remotos leer ficheros HTML locales mediante un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://osvdb.org/59942 http://secunia.com/advisories/37346 http://support.apple.com/kb/HT3949 http://www.securityfocus.com/bid/36994 http://www.securitytracker.com/id?1023164 http://www.vupen.com/english/advisories/2009/3217 https://exchange.xforce.ibmcloud.com/vulnerabilities/54238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5915 •
CVE-2009-2816
https://notcve.org/view.php?id=CVE-2009-2816
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. La implementación de Cross-Origin Resource Sharing (CORS) en WebKit, tal como es usado en Safari de Apple anterior a versión 4.0.4 y Chrome de Google anterior a versión 3.0.195.33, incluye ciertos encabezados HTTP personalizados en la petición OPTIONS durante operaciones entre orígenes con comprobación previa, lo que facilita a los atacantes remotos conducir ataques de tipo cross-site request forgery (CSRF) por medio de una página web especialmente diseñada. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59940 http://osvdb.org/59967 http://secunia.com/advisories/37346 http://secunia.com/advisories/37358 http://secunia.com/advisories/37393 http://secunia.com/advisories/37397 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT39 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2009-3384 – Firefox integer underflow in FTP directory list parser
https://notcve.org/view.php?id=CVE-2009-3384
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply. Múltiples vulnerabilidades no especificadas en WebKit en Apple Safari en versiones anteriores a la 4.0.4 en Windows permiten a servidores FTP remotos ejecutar código de su elección, provocar una denegación de servicio (caída de la aplicación) o obtener información sensible mediante un listado de directorios manipulado en una respuesta. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59943 http://secunia.com/advisories/37346 http://secunia.com/advisories/37393 http://secunia.com/advisories/37397 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3949 http://support.apple.com/kb/HT4013 http://www.securityfoc • CWE-190: Integer Overflow or Wraparound •