3 matches found
Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes on the remote host is prior to version 9.2. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists in the handling of images with an embedded ColorSync profile. By using a specially crafted image, a remote attacker...
CVE-2010-1390
Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper UTF-7 canonicalization, and lack of termination of...
CVE-2010-1390
CVE-2010-1390 is a cross-site scripting vulnerability in WebKit used by Safari that can allow remote attackers to inject arbitrary script or HTML via flaws in UTF-7 canonicalization and incomplete termination of a quoted string in HTML. The vulnerability affects WebKit/Safari on multiple platform...