CVSS: 7.5 • EPSS: 80% • CPEs: 4 • EXPL: 3

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-1.html http://www.osvdb.org/24823 http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

CVSS: 5.1 • EPSS: 2% • CPEs: 38 • EXPL: 1

Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://securitytracker.com/id?1016082 http://www.osvdb.org/24819 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x25-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5 • EPSS: 79% • CPEs: 4 • EXPL: 3

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-4.html http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

CVSS: 5.0 • EPSS: 3% • CPEs: 4 • EXPL: 2

The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-2.html http://www.osvdb.org/24823 http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

CVSS: 5.0 • EPSS: 5% • CPEs: 25 • EXPL: 0

Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". • http://drunkenblog.com/drunkenblog-archives/000760.html http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://www.osvdb.org/25597 http://www.securityfocus.com/bid/17321 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26412 • CWE-189: Numeric Errors •