CVE-2009-0162 – Apple Safari 3.2.2 - 'feed:' URI Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-0162
Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL.
• https://www.exploit-db.com/exploits/32994
• http://lists.apple.com/archives/security-announce/2009/May/msg00000.html
• http://lists.apple.com/archives/security-announce/2009/May/msg00001.html
• http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
• http://secunia.com/advisories/35056
• http://secunia.com/advisories/35074
• http://support.apple.com/kb/HT3549
• http://support.apple.com/kb/HT3550
• http://www.securityfocus.com/bid/34925
• http://www.securitytracker.com/id?1022
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-0945 – Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0945
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption.
WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows, allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the parsing of malformed SVGLists via the SVGPathList data structure. The following lists are affected: SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, SVGLengthList. When a negative index argument is supplied to the insertItemBefore() method, a memory corruption occurs, resulting in the ability to execute arbitrary code.
• http://code.google.com/p/chromium/issues/detail?id=9019
• http://googlechromereleases.blogspot.com/2009/05/stable-update-bug-fix.html
• http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
• http://lists.apple.com/archives/security-announce/2009/May/msg00000.html
• http://lists.apple.com/archives/security-announce/2009/May/msg00001.html
• http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
• CWE-94: Improper Control of Generation of Code ('Code Injection')
• CWE-476: NULL Pointer Dereference
CVE-2008-3644
https://notcve.org/view.php?id=CVE-2008-3644
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
• http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
• http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html
• http://secunia.com/advisories/32706
• http://secunia.com/advisories/32756
• http://support.apple.com/kb/HT3298
• http://support.apple.com/kb/HT3318
• http://www.securityfocus.com/bid/32291
• http://www.securitytracker.com/id?1021226
• http://www.vupen.com/english/advisories/2008/3232
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-3623
https://notcve.org/view.php?id=CVE-2008-3623
Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces.
• http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html
• http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
• http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
• http://secunia.com/advisories/32706
• http://secunia.com/advisories/33179
• http://support.apple.com/kb/HT3298
• http://support.apple.com/kb/HT3338
• http://support.apple.com/kb/HT3639
• http://www.securityfocus.com/bid/32291
• http://www.securitytracker.com/id
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-4216
https://notcve.org/view.php?id=CVE-2008-4216
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files."
• http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
• http://secunia.com/advisories/32706
• http://support.apple.com/kb/HT3298
• http://www.securityfocus.com/bid/32291
• http://www.securitytracker.com/id?1021227
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor