CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 4CVE-2006-3372 – Apple Safari Web Browser 2.0.4 - DHTML SetAttributeNode() Null Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2006-3372
Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference. Apple Safari 2.0.4/419.3 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante una llamada a la función DHTML setAttributeNode sin argumentos, que desemboca en una referencia nula. • https://www.exploit-db.com/exploits/28165 http://browserfun.blogspot.com/2006/07/mobb-5-dhtml-setattributenode.html http://securitytracker.com/id?1016441 http://www.osvdb.org/26838 http://www.securityfocus.com/bid/18822 http://www.vupen.com/english/advisories/2006/2671 https://exchange.xforce.ibmcloud.com/vulnerabilities/27594 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3224
https://notcve.org/view.php?id=CVE-2006-3224
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself. Apple Safari v2.0.3 (417.9.3) en Mac OS X v10.4.6 permite a atacantes remotos causar una denegación de servicio (consumo CPU) a través de Javascript con un bucle infinito. NOTA: esto podría ser argumentado como que no es una vulnerabilidad, a menos que interfiera con la operación del sistema fuera del alcance de Safari. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046150.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26558 •
CVSS: 5.0EPSS: 9%CPEs: 2EXPL: 2CVE-2006-2019 – Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-2019
Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. • https://www.exploit-db.com/exploits/1715 http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045472.html http://secunia.com/advisories/19763 http://securitytracker.com/id?1015982 http://www.securityfocus.com/archive/1/431874/100/0/threaded http://www.securityfocus.com/archive/1/431944/100/0/threaded http://www.securityfocus.com/bid/17674 http://www.vupen.com/english/advisories/2006/1508 https://exchange.xforce.ibmcloud.com/vulnerabilities/25998 •
CVSS: 7.5EPSS: 80%CPEs: 4EXPL: 3CVE-2006-1986
https://notcve.org/view.php?id=CVE-2006-1986
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-1.html http://www.osvdb.org/24823 http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •
CVSS: 5.1EPSS: 2%CPEs: 38EXPL: 1CVE-2006-1985 – Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow
https://notcve.org/view.php?id=CVE-2006-1985
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://securitytracker.com/id?1016082 http://www.osvdb.org/24819 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x25-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •