Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:safari:11.1.2
There are 243 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2011-3230

Apple Safari before 5.1.1 on Mac OS X does not enforce an intended policy for file: URLs, which allows remote attackers to execute arbitrary code via a crafted web site.

Published: October 14, 2011; 6:55:09 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3229

Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.

Published: October 14, 2011; 6:55:09 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2008-7296

Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

Published: August 09, 2011; 3:55:01 PM -0400
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2011-0132

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Published: March 03, 2011; 3:00:01 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2011-0115

The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Published: March 03, 2011; 3:00:01 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2010-3638

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors.

Published: November 07, 2010; 5:00:01 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-2454

Apple Safari does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to CVE-2010-1206.

Published: June 25, 2010; 3:30:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1729

WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

Published: May 06, 2010; 10:53:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1180

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long exception string in a throw statement, possibly a related issue to CVE-2009-1514.

Published: March 29, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1179

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024.

Published: March 29, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1178

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) via a JavaScript loop that attempts to construct an infinitely long string.

Published: March 29, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1177

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving document.write calls with long crafted strings.

Published: March 29, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1176

Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075.

Published: March 29, 2010; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1099

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.

Published: March 24, 2010; 6:45:16 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1029

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.

Published: March 19, 2010; 5:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-0314

Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value.

Published: January 14, 2010; 2:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3271

Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.

Published: September 21, 2009; 3:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-1692

WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.

Published: June 19, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2009-1600

Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content."

Published: May 11, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-1060

Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009.

Published: March 24, 2009; 10:30:00 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH