apple safari 4.0 vulnerabilities and exploits

(subscribe to this query)

Apple Safari prior to 4.0.5 on Windows does not properly validate external URL schemes, which allows remote malicious users to open local files and execute arbitrary code via a crafted HTML document.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

Use-after-free vulnerability in WebKit in Apple Safari prior to 4.0.5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zer...

Apple Safari 4.0 Apple Safari 4.0.1

1 EDB exploit

Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions prior to 4.1.2, allows remote malicious users to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.

Apple Safari 3.2.3 Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.2 Apple Safari 4.0.3

1 EDB exploit

Use-after-free vulnerability in WebKit in Apple Safari prior to 4.0.5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

1 EDB exploit

Use-after-free vulnerability in WebKit in Apple Safari prior to 4.0.5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

Use-after-free vulnerability in WebKit in Apple Safari prior to 4.0.5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

WebKit in Apple Safari prior to 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote malicious users to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

1 Github repository

Integer overflow in ColorSync in Apple Safari prior to 4.0.5 on Windows, and iTunes prior to 9.1, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer o...

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

ImageIO in Apple Safari prior to 4.0.5 and iTunes prior to 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote malicious users to obtain potentially sensitive information from process memory via a crafted TIFF image.

Apple Safari Apple Safari 4.0 Apple Safari 4.0.0b Apple Safari 4.0.1 Apple Safari 4.0.2 Apple Safari 4.0.3

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook