4 matches found
Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes on the remote host is prior to version 9.2. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists in the handling of images with an embedded ColorSync profile. By using a specially crafted image, a remote attacker...
CVE-2010-1396
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the contentEditable attribute and...
CVE-2010-1396
CVE-2010-1396 is a use-after-free in WebKit’s handling of contentEditable and removal of container elements, allowing remote attackers to execute arbitrary code or cause a denial of service (application crash). Affected products/versions cited include Safari before 5.0 on macOS 10.5–10.6 and Wind...
ZDI-10-092: Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability
ZDI-10-092: Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-092 June 8, 2010 -- CVE ID: CVE-2010-1396 -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPointTM IPS Customer Protection:...