5 matches found
Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)
Multiple vulnerabilities was discovered and corrected in kdelibs4 : KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '' NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...
kdegraphics: KSVG NULL-pointer dereference in the SVGList interface implementation (ACE)
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute...
ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-022 May 13, 2009 -- CVE ID: CVE-2009-0945 -- Affected Vendors: Apple -- Affected Products: Apple Safari -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
CVE-2009-0945
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute...
Safari < 3.2.3 Multiple Vulnerabilities
The version of Safari installed on the remote Windows host is earlier than 3.2.3. Such versions are potentially affected by several issues : - A heap-based buffer overflow issue in the libxml library when handling long entity names could lead to a crash or arbitrary code execution. CVE-2008-3529 ...