Apple Safari Multiple Vulnerabilities (Mar 2010)

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

DSA-2022-1 mediawiki - several vulnerabilities

Bulletin has no description...

Mozilla Browser engine crashes

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...

Apple WebKit CSS run-in Attribute Rendering Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of...

Design/Logic Flaw

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the run-in Cascading Style Sheets CSS display property...

CVE-2010-0046

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted format arguments...

Memory corruption

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted format arguments...

MediaWiki < 1.15.2 'CSS validation' Information Disclosure Vulnerability

MediaWiki is prone to an information disclosure vulnerability because it fails to properly restrict the posting of remote images. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2010-0053

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the run-in Cascading Style Sheets CSS display property...

CVE-2010-0053

CVE-2010-0053 represents a use-after-free vulnerability in WebKit used by Apple Safari prior to 4.0.5. The flaw, related to the run-in CSS display property, could allow a remote attacker to execute arbitrary code or cause a denial of service (application crash). The provided documentation notes a...

CVE-2010-0046

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted format arguments...

CVE-2010-0046

Removed by vendor...

EZodiak Remote XSS Vulnerabilities

Exploit for unknown platform in category web applications ================================== EZodiak Remote XSS Vulnerabilities ================================== » ! Coder - Developer HTML / CSS / PHP / Vb6 . ! =========================================================================== === »...

Safari < 4.0.5 Multiple Vulnerabilities

The version of Safari installed on the remote Windows host is earlier than 4.0.5. It thus is potentially affected by several issues : - A buffer underflow in ImageIO's handling of TIFF images could lead to a crash or arbitrary code execution. CVE-2009-2285 - An integer overflow in the handling of...

CSS Web Installer CSSWEBLib.Installer ActiveX InstallProduct1 Method Overflow

The CSS Web Installer ActiveX control, a component of the Authentium Command On Demand virus scanner, installed on the remote Windows host reportedly is affected by a buffer overflow involving the 'InstallProduct1' method, and possibly the 'InstallProduct' and 'InstallProduct2' methods as well. I...

Internet Explorer CSS Strings Parsing Memory Corruption (MS07-045; CVE-2007-0943)

Microsoft Internet Explorer IE is the most widely used web browser application. The browser is capable of processing HTML, images, scripting languages, and various other popular Internet specifications. The application is also capable of using Cascading Style Sheets CSS. A remote code execution...

Apple Safari 4.0.4 / Google Chrome 4.0.249 Denial Of Service

Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC Thank you Rad L. Sneak Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC Tested on WinXP SP3 and Windows 7 64bit Also works on Apple iPhone Safari Stack Overflow caused by long malformed string...

iPhone CSS::Selector Crash Exploit

!/usr/bin/python , dM MMr 4MMML . MMMMM. xf . "M6MMM .MM- Mh.. +MM5MMM .MMMM .MMM. .MMMMML. MMMMMh MMMh. MM5MMM MMMMMMM 3MMMMx. 'MMM3MMf xnMMMMMM" 'MMMMM MMMMMM. nMMMMMMP" MMMMMx "MMM5M\ .MMMMMMM= MMMMMh "MMMMM" JMMMMMMP MMMMMM GMMMM. dMMMMMM . MMMMMM "MMMM .MMMMM .nnMP" .. MMMMx MMM" dMMMM"...

Safari 4.0.4 & Google Chrome 4.0.249 CSS DoS/PoC

Exploit for unknown platform in category dos / poc ================================================ Safari 4.0.4 & Google Chrome 4.0.249 CSS DoS/PoC ================================================ Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS DoS/PoC Stack overflow on Safari Extra long malforme...

Apple Safari 4.0.4 Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)

Apple Safari 4.0.4 Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service PoC Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC Thank you Rad L. Sneak Apple Safari 4.0.4 & Google Chrome 4.0.249 CSS style Stack Overflow DoS/PoC Tested on WinXP SP3 and Windows ...