NotCVE - vendor:"Apple" product:"Safari" version:"

Page 274 of 1392 results (0.008 seconds)

CVSS: 5.0EPSS: 9%CPEs: 2EXPL: 2

CVE-2006-2019 – Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2006-2019

Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. • https://www.exploit-db.com/exploits/1715 http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045472.html http://secunia.com/advisories/19763 http://securitytracker.com/id?1015982 http://www.securityfocus.com/archive/1/431874/100/0/threaded http://www.securityfocus.com/archive/1/431944/100/0/threaded http://www.securityfocus.com/bid/17674 http://www.vupen.com/english/advisories/2006/1508 https://exchange.xforce.ibmcloud.com/vulnerabilities/25998 •

CVSS: 7.5EPSS: 80%CPEs: 4EXPL: 3

CVE-2006-1986

https://notcve.org/view.php?id=CVE-2006-1986

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-1.html http://www.osvdb.org/24823 http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

CVSS: 5.1EPSS: 2%CPEs: 38EXPL: 1

CVE-2006-1985 – Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow

https://notcve.org/view.php?id=CVE-2006-1985

Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://securitytracker.com/id?1016082 http://www.osvdb.org/24819 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x25-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 79%CPEs: 4EXPL: 3

CVE-2006-1987

https://notcve.org/view.php?id=CVE-2006-1987

Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-4.html http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

CVSS: 5.0EPSS: 3%CPEs: 4EXPL: 2

CVE-2006-1988

https://notcve.org/view.php?id=CVE-2006-1988

The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. • http://secunia.com/advisories/19686 http://security-protocols.com/poc/sp-x26-2.html http://www.osvdb.org/24823 http://www.security-protocols.com/sp-x26-advisory.php http://www.securityfocus.com/bid/17634 http://www.vupen.com/english/advisories/2006/1452 https://exchange.xforce.ibmcloud.com/vulnerabilities/25946 •

1...272 273 274 275 276