Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple safari 2.0.3 417.9.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3224
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote malicious users to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system ...
Apple Safari 2.0.3 417.9.3
NA
CVE-2008-3644
Apple Safari prior to 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 2.0.1
Apple Safari 3.0.1
Apple Safari 2.0.3
Apple Safari 1.0.3
Apple Safari 2.0.2
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 2.0.4 419.3
Apple Safari 3.1.1
Apple Safari 1.3
Apple Safari 3.0.3
Apple Safari 3.1
Apple Safari 1.2.5
Apple Safari 3.0
Apple Safari 2.0
Apple Safari 1.2.4
Apple Safari 1.2.1
NA
CVE-2008-3623
Heap-based buffer overflow in CoreGraphics in Apple Safari prior to 3.2 on Windows, in iPhone OS 1.0 up to and including 2.2.1, and in iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to execute arbitrary code or cause a denial of service (appl...
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 2.0
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 2.0.3
Apple Safari 2.0.3 417.9.3
NA
CVE-2008-4216
The plug-in interface in WebKit in Apple Safari prior to 3.2 does not prevent plug-ins from accessing local URLs, which allows remote malicious users to obtain sensitive information via vectors that "launch local files."
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 2.0.1
Apple Safari 3.0.1
Apple Safari 2.0.3
Apple Safari 1.0.3
Apple Safari 2.0.2
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 2.0.4 419.3
Apple Safari 3.1.1
Apple Safari 1.3
Apple Safari 3.0.3
Apple Safari 3.1
Apple Safari 1.2.5
Apple Safari 3.0
Apple Safari 2.0
Apple Safari 1.2.4
Apple Safari 1.2.1
NA
CVE-2009-2066
Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a s...
Apple Safari 3.0.4b
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 2.0.3
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 1.0.2
Apple Safari 3.0.0
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 2.0.4 419.3
Apple Safari 3.0.3b
Apple Safari 3.1.1
Apple Safari 1.3
Apple Safari 3.1
Apple Safari 1.2.5
NA
CVE-2009-2062
Apple Safari prior to 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an...
Apple Safari 3.0.4b
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 2.0.3
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 1.0.2
Apple Safari 3.0.0
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 2.0.4 419.3
Apple Safari 3.0.3b
Apple Safari 3.1.1
Apple Safari 1.3
Apple Safari 3.1
Apple Safari 1.2.5
NA
CVE-2009-2072
Apple Safari does not require a cached certificate before displaying a lock icon for an https web site, which allows man-in-the-middle malicious users to spoof an arbitrary https site by sending the browser a crafted (1) 4xx or (2) 5xx CONNECT response page for an https request s...
Apple Safari 3.0.4b
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 2.0.3
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 1.0.2
Apple Safari 3.0.0
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 2.0.4 419.3
Apple Safari 3.0.3b
Apple Safari 3.1.1
Apple Safari 1.3
Apple Safari 3.1
Apple Safari 1.2.5
NA
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari prior to 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which al...
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
Apple Safari 1.3.1
NA
CVE-2009-3384
Multiple unspecified vulnerabilities in WebKit in Apple Safari prior to 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
Apple Safari 1.3.1
NA
CVE-2009-2200
WebKit in Apple Safari prior to 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote malicious users to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »