Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:safari:5.1.2
There are 927 matching records.
Displaying matches 801 through 820.
Vuln ID Summary CVSS Severity
CVE-2011-3076

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.

Published: April 05, 2012; 6:02:08 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3075

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3074

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3073

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3071

Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3069

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3068

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3067

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.

Published: April 05, 2012; 6:02:07 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3064

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-3060

Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3059

Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3056

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3053

Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3050

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0647

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0640

WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0584

The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2011-3046

The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.

Published: March 08, 2012; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0637

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2012-0636

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH