
CVSS: 5.0 | EPSS: 0% | CPEs: 1 | EXPL: 3

Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
• https://www.exploit-db.com/exploits/26128
• http://www.securityfocus.com/archive/1/407702
• http://www.securityfocus.com/bid/14528

CVSS: 2.6 | EPSS: 1% | CPEs: 1 | EXPL: 2

Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
• http://docs.info.apple.com/article.html?artnum=302847
• http://secunia.com/advisories/15474
• http://secunia.com/advisories/17813
• http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test
• http://secunia.com/secunia_research/2005-12/advisory
• http://securitytracker.com/id?1015294
• http://www.osvdb.org/17397
• http://www.securityfocus.com/bid/14011
• http://www.vupen.com/english/advisories/2005/2659
• https://exchange.xforce.ibmcloud.com/vulnerabilities/21070

CVSS: 2.6 | EPSS: 1% | CPEs: 1 | EXPL: 1

Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.
• http://marc.info/?l=bugtraq&m=111473570624498&w=2
• http://marc.info/?l=bugtraq&m=111479299730011&w=2
• http://marc.info/?l=bugtraq&m=111479346119272&w=2
• http://securitytracker.com/id?1013835
• http://www.osvdb.org/16006

CVSS: 5.0 | EPSS: 0% | CPEs: 3 | EXPL: 1

AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
• http://lists.apple.com/archives/security-announce/2005/Apr/msg00000.html
• http://remahl.se/david/vuln/001

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 1

Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
• http://marc.info/?l=bugtraq&m=110756965213819&w=2
• http://securitytracker.com/id?1013087
• http://tigger.uic.edu/~jrockw2/safari_20050204.txt
• https://exchange.xforce.ibmcloud.com/vulnerabilities/19227