CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2009-2816
https://notcve.org/view.php?id=CVE-2009-2816
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. La implementación de Cross-Origin Resource Sharing (CORS) en WebKit, tal como es usado en Safari de Apple anterior a versión 4.0.4 y Chrome de Google anterior a versión 3.0.195.33, incluye ciertos encabezados HTTP personalizados en la petición OPTIONS durante operaciones entre orígenes con comprobación previa, lo que facilita a los atacantes remotos conducir ataques de tipo cross-site request forgery (CSRF) por medio de una página web especialmente diseñada. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59940 http://osvdb.org/59967 http://secunia.com/advisories/37346 http://secunia.com/advisories/37358 http://secunia.com/advisories/37393 http://secunia.com/advisories/37397 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT39 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 0%CPEs: 69EXPL: 0CVE-2009-3384 – Firefox integer underflow in FTP directory list parser
https://notcve.org/view.php?id=CVE-2009-3384
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply. Múltiples vulnerabilidades no especificadas en WebKit en Apple Safari en versiones anteriores a la 4.0.4 en Windows permiten a servidores FTP remotos ejecutar código de su elección, provocar una denegación de servicio (caída de la aplicación) o obtener información sensible mediante un listado de directorios manipulado en una respuesta. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59943 http://secunia.com/advisories/37346 http://secunia.com/advisories/37393 http://secunia.com/advisories/37397 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3949 http://support.apple.com/kb/HT4013 http://www.securityfoc • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 0%CPEs: 69EXPL: 0CVE-2009-2841
https://notcve.org/view.php?id=CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202. WebKit en Apple Safari en versiones anteriores a la 4.0.4 en Mac OS X no realiza las devoluciones de llamada esperadas para elementos multimedia HTML 5 que tienen URLs externas para recursos multimedia, lo que permite a atacantes remotos disparar peticiones a sitios web de su elección mediante un documento HTML manipulado, tal como se ha demostrado por un mensaje de correo electrónico HTML que usa un elemento multimedia para la funcionalidad X-Confirm-Reading-To. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044023.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044031.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/59941 http://secunia.com/advisories/37346 http://secunia.com/advisories/40557 http://secunia.com/ •
CVSS: 4.3EPSS: 0%CPEs: 59EXPL: 0CVE-2009-2842
https://notcve.org/view.php?id=CVE-2009-2842
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site. Apple Safari en versiones anteriores a la 4.0.4 no implementa de manera apropiada las opciones de menu (1) Open Image y (2) Open Link, lo que permite a atacantes remotos leer ficheros HTML locales mediante un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://osvdb.org/59942 http://secunia.com/advisories/37346 http://support.apple.com/kb/HT3949 http://www.securityfocus.com/bid/36994 http://www.securitytracker.com/id?1023164 http://www.vupen.com/english/advisories/2009/3217 https://exchange.xforce.ibmcloud.com/vulnerabilities/54238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5915 •
CVSS: 7.5EPSS: 0%CPEs: 48EXPL: 0CVE-2009-3455
https://notcve.org/view.php?id=CVE-2009-3455
Apple Safari, possibly before 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Apple Safari, posiblemente anterior a v4.0.3, en Mac OS X no maneja adecuadamente un carácter '\0' en un nombre de dominio de sujeto en el campo Common Name (CN) de un certificado X.509, lo que permite a atacantes hombre-en-el-medio (Man-in-the-middle) suplantar cualquier servidor SSL a través de un certificado manipulado expedido por una Autoridad de Certificación legítima, relacionado con CVE-2009-2408. • http://www.networkworld.com/news/2009/091709-microsoft-ie-security-hole.html http://www.securityfocus.com/bid/36477 • CWE-310: Cryptographic Issues •