U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:safari:1.2.2
There are 1,251 matching records.
Displaying matches 941 through 960.
Vuln ID Summary CVSS Severity
CVE-2011-3050

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

Published: March 22, 2012; 12:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0647

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0640

WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0584

The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.

Published: March 12, 2012; 5:55:00 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2011-3046

The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.

Published: March 08, 2012; 7:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0637

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2012-0636

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

Published: March 08, 2012; 5:55:03 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2011-3044

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3043

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3042

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3041

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3040

Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2011-3039

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3038

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3037

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3036

Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3035

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3034

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3032

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.

Published: March 05, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-3443

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules.

Published: March 01, 2012; 7:55:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH