Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple safari 4.0.3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3016
Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains a javascript: URI, (2)...
Apple Safari 4.0.3
9.3
CVSSv2
CVE-2010-1807
WebKit in Apple Safari 4.x prior to 4.1.2 and 5.x prior to 5.0.2; Android prior to 2.2; and webkitgtk prior to 1.2.6; does not properly validate floating-point data, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via...
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 4.0.5
Apple Safari 4.0
Apple Safari 4.0.3
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.0.4
Apple Safari 5.0.1
Apple Safari 5.0
Google Android
Google Android 1.0
Google Android 1.6
Google Android 2.0
Google Android 1.5
Google Android 1.1
Webkitgtk Webkitgtk 1.2.3
Webkitgtk Webkitgtk 1.2.0
Webkitgtk Webkitgtk 1.2.2
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk 1.2.4
2 EDB exploits
9.3
CVSSv2
CVE-2009-2195
Buffer overflow in WebKit in Apple Safari prior to 4.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
1 EDB exploit
7.1
CVSSv2
CVE-2009-2200
WebKit in Apple Safari prior to 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote malicious users to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
7.5
CVSSv2
CVE-2011-3443
Use-after-free vulnerability in WebKit, as used in Apple Safari prior to 5.0.6, allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style ...
Apple Safari 4.0.2
Apple Safari 3.0.4b
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 2.0.3
Apple Safari 4.0.1
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 3.2.0b
Apple Safari 5.0.1
Apple Safari 2.0.2
Apple Safari 1.0.2
Apple Safari 3.0.0
Apple Safari 3.1.2b
Apple Safari 3.0.2
Apple Safari 1.0
Apple Safari 3.1.0b
Apple Safari 3.1.0
7.5
CVSSv2
CVE-2009-3455
Apple Safari, possibly prior to 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafte...
Apple Safari 3.1.2
Apple Safari 2.0.3
Apple Safari 4.0.1
Apple Safari 2.0.1
Apple Safari 1.2.0
Apple Safari 3.2.3
Apple Safari 3.2.1
Apple Safari 0.9
Apple Safari 1.2.3
Apple Safari 1.2.1
Apple Safari 1.3.2
Apple Safari
Apple Safari 3.1.0
Apple Safari 1.2
Apple Safari 4.0
Apple Safari 3.1
Apple Safari 4.0.0b
Apple Safari 3.0.4
Apple Safari 4.0 Beta
Apple Safari 1.0.0
Apple Safari 3.2
Apple Safari 3.0.3
6.8
CVSSv2
CVE-2013-0960
WebKit in Apple Safari prior to 6.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961.
Apple Safari
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
Apple Safari 1.3.1
Apple Safari 1.3.2
6.8
CVSSv2
CVE-2013-0961
WebKit in Apple Safari prior to 6.0.3 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960.
Apple Safari
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
Apple Safari 1.3.1
Apple Safari 1.3.2
6.8
CVSSv2
CVE-2011-3230
Apple Safari prior to 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote malicious users to execute arbitrary code via a crafted web site.
Apple Safari
Apple Safari 1.0
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.0b1
Apple Safari 1.1
Apple Safari 1.1.0
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 1.3.0
Apple Safari 1.3.1
1 EDB exploit
6.8
CVSSv2
CVE-2011-3229
Directory traversal vulnerability in Apple Safari prior to 5.1.1 allows remote malicious users to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.
Apple Safari 4.0.2
Apple Safari 3.0.4b
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 2.0.3
Apple Safari 4.0.1
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 1.1.1
Apple Safari 3.0.4
Apple Safari 1.2.2
Apple Safari 3.0.1
Apple Safari 2.0.1
Apple Safari 3.2.0b
Apple Safari 5.0.6
Apple Safari 5.0.1
Apple Safari 2.0.2
Apple Safari
Apple Safari 1.0.2
Apple Safari 3.0.0
Apple Safari 3.1.2b
Apple Safari 3.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »