Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-1694 |
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site image capture issue." Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2009-1693 |
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue." Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2009-1691 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to insufficient access control for standard JavaScript prototypes in other domains. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1690 |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-1689 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving submission of a form to the about:blank URL, leading to security-context replacement. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1688 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to determining a security context through an approach that is not the "HTML 5 standard method." Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1687 |
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer." Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-1686 |
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-1685 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML by overwriting the document.implementation property of (1) an embedded document or (2) a parent document. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1684 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via an event handler that triggers script execution in the context of the next loaded document. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1682 |
Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1681 |
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a crafted HTML document. Published: June 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-0945 |
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. Published: May 13, 2009; 1:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0162 |
Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. Published: May 13, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-4216 |
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files." Published: November 17, 2008; 1:18:47 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-3644 |
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache. Published: November 17, 2008; 1:18:47 PM -0500 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2008-3623 |
Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces. Published: November 17, 2008; 1:18:47 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-2540 |
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X. Published: June 03, 2008; 11:32:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |