U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*
There are 1,243 matching records.
Displaying matches 1,241 through 1,243.
Vuln ID Summary CVSS Severity
CVE-2008-1999

Apple Safari 3.1.1 allows remote attackers to spoof the address bar by placing many "invisible" characters in the userinfo subcomponent of the authority component of the URL (aka the user field), as demonstrated by %E3%80%80 sequences.

Published: April 28, 2008; 4:05:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2008-2000

Unspecified vulnerability in Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop.

Published: April 28, 2008; 4:05:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2008-2001

Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference.

Published: April 28, 2008; 4:05:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.3 MEDIUM