CVSS: 10.0EPSS: 23%CPEs: 78EXPL: 0CVE-2010-1784 – Apple Webkit Rendering Counter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1784
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. La función "counters" (contadores) en la implementación de hojs de estilo (CSS) de WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de documento HTML modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's support for generated content. When utilizing generated content on a particular element, the library will insert more than one reference of the generated element element. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 78EXPL: 0CVE-2010-1782 – WebKit: multiple vulnerabilities in WebKitGTK
https://notcve.org/view.php?id=CVE-2010-1782
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering of an inline element. WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores de ataque relacionados con la representación por pantalla de un elemento "inline". • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 10%CPEs: 78EXPL: 0CVE-2010-1785 – Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1785
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document. WebKit de Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, accede a memoria sin inicializar durante el procesamiento de los pseudo-elementos (1) :first-letter y (2) :first-line en un elemento de texto SVG, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de documento modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of the first-letter style in the context of an SVG text element. Upon applying the style to this element, the library will calculate the height for determining the overflow for an inline box. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.6EPSS: 0%CPEs: 78EXPL: 0CVE-2010-1796
https://notcve.org/view.php?id=CVE-2010-1796
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields. La función autocompletar en Apple Safari en versiones anteriores a la v5.0.1 en Mac OS X v10.5 hasta la v10.6 y Windows, y anteriores a la v4.1.1 en Mac OS X v10.4, permite a atacantes remotos obtener información confidencial del libreta de direcciones (Address Book Card) a través de código JavaScript que fuerza eventos de pulsaciones de teclado para campos de entrada. • http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html http://support.apple.com/kb/HT4276 http://www.securityfocus.com/bid/42020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11112 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 80%CPEs: 6EXPL: 3CVE-2010-0211 – OpenLDAP 2.4.22 - 'modrdn' Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-0211
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. La función slap_modrdn2mods en modrdn.c en OpenLDAP v2.4.22 no comprueba el valor de retorno de la llamada a la función smr_normalize, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) y posiblemente ejecución de comandos de su elección a través de una llamada a modrdn call con una cadena RDN que contenga secuencias UTF-8 inválidas, lo que provocará la liberación de un puntero no válido ni inicializado en la función slap_mods_free, como se demostró usando la suite de test Codenomicon LDAPv3. • https://www.exploit-db.com/exploits/34348 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://secunia.com/advisories/40639 http://secunia.com/advisories/40677 http://secunia.com/advisories/40687 http://secunia.com/advisories/42787 http://security.gentoo.org/glsa/glsa-201406-36.xml http://support.apple.com/kb/H • CWE-252: Unchecked Return Value •