CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 5CVE-2009-1699 – WebKit - XML External Entity Information Disclosure
https://notcve.org/view.php?id=CVE-2009-1699
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack." La implementación de la hoja de estilo XSL en WebKit en Apple Safari anterior a v4.0 no maneja adecuadamente las entidades externas XML, lo cual permite a atacantes remotos leer ficheros arbitrarios a través de un DTD elaborado, como lo demuestra un fichero: ///etc/passwd URL en una declaración de entidad, relacionado con un "ataque XXE". • https://www.exploit-db.com/exploits/33034 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/54972 http://scary.beasts.org/security/CESA-2009-006.html http://scarybeastsecurity.blogspot.com/2009/06/apples-safari-4-fixes-local-file-theft.html http://secunia.com/advisories/35379 http://secunia.com/ad • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 2CVE-2009-1703
https://notcve.org/view.php?id=CVE-2009-1703
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document. WebKit en Apple Safari anterior a v4.0 no prevé las referencias a archivos; URLs con elementos de (1) audio y (2) vídeo, lo que permite a atacantes remotos determinar la existencia de archivos de su elección a través de un documento HTML manipulado. • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/55009 http://secunia.com/advisories/35379 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3613 http://www.securityfocus.com/bid/35260 http://www.securityfocus.com/bid/35333 http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english/advisories/2011/0212 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 1CVE-2009-1705
https://notcve.org/view.php?id=CVE-2009-1705
CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted font data. CoreGraphics en Apple Safari anteriores a v4.0 en Windows no utiliza adecuadamente la aritmética durante la inicialización automática de las fuentes TrueType, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una fuente de datos manipulada. • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://osvdb.org/54974 http://secunia.com/advisories/35379 http://support.apple.com/kb/HT3613 http://www.securityfocus.com/bid/35260 http://www.securityfocus.com/bid/35308 http://www.vupen.com/english/advisories/2009/1522 • CWE-189: Numeric Errors •
CVSS: 1.2EPSS: 0%CPEs: 12EXPL: 1CVE-2009-1707
https://notcve.org/view.php?id=CVE-2009-1707
Race condition in the Reset Safari implementation in Apple Safari before 4.0 on Windows might allow local users to read stored web-site passwords via unspecified vectors. Condición de carrera en la implementación de "Reset Safari" en Apple Safari anteriores a la v4.0 en Windows permitiría a usuarios locales leer contraseñas web a través de vectores sin especificar. • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://osvdb.org/55012 http://secunia.com/advisories/35379 http://secunia.com/advisories/42314 http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT4456 http://www.securityfocus.com/bid/35260 http://www.securityfocus.com/bid/35352 http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 2%CPEs: 34EXPL: 1CVE-2009-1711
https://notcve.org/view.php?id=CVE-2009-1711
WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. WebKit en Apple Safari anterior a v4.0 no inicializa correctamente memoria para los objetos Attr DOM, lo cual permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de la aplicación) a través de un documento HTML elaborado. • http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/55015 http://secunia.com/advisories/35379 http://secunia.com/advisories/36790 http://secunia.com/advisories/37746 http://secunia.com/advisories/43068 http://securitytracker.com/id?1022345 http://support.apple.com/kb/HT3613 http://www.debian.org/security/2009/dsa-1950 http://www.securityfocus.com/bid/35260 http: • CWE-399: Resource Management Errors •