Lucene search
K

72 matches found

Prion
Prion
added 2010/03/15 1:28 p.m.25 views

Design/Logic Flaw

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

9.3CVSS7.9AI score0.0504EPSS
Exploits0References18Affected Software1
UbuntuCve
UbuntuCve
added 2010/03/15 1:28 p.m.30 views

CVE-2010-0047

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

9.3CVSS6.2AI score0.0504EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2010/03/12 8:0 p.m.14 views

CVE-2010-0047

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

7.4AI score0.0504EPSS
Exploits0References18
Cvelist
Cvelist
added 2010/03/12 8:0 p.m.27 views

CVE-2010-0047

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

8.7AI score0.0504EPSS
Exploits0References18
CVE
CVE
added 2010/03/12 8:0 p.m.59 views

CVE-2010-0047

CVE-2010-0047 is a use-after-free vulnerability in WebKit used by Apple Safari prior to 4.0.5. The issue arises from vectors related to the HTML object element fallback content, allowing remote attackers to potentially execute arbitrary code or cause a denial of service (application crash). The d...

9.3CVSS8.6AI score0.0504EPSS
Exploits0References18Affected Software1
Debian CVE
Debian CVE
added 2010/03/12 8:0 p.m.29 views

CVE-2010-0047

Removed by vendor...

9.3CVSS8.4AI score0.0504EPSS
Exploits0
NVD
NVD
added 2009/09/01 4:30 p.m.17 views

CVE-2009-3038

A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion RIM Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service Internet Explorer crash by referencing the control's CLSID in the classid attribute of an OBJECT...

4.3CVSS6.6AI score0.03461EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/09/01 4:0 p.m.21 views

CVE-2009-3038

A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion RIM Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service Internet Explorer crash by referencing the control's CLSID in the classid attribute of an OBJECT...

6.6AI score0.03461EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2009/06/10 12:0 a.m.34 views

CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

9.3CVSS6.1AI score0.07746EPSS
Exploits2References3
Prion
Prion
added 2007/08/18 10:17 p.m.17 views

Design/Logic Flaw

Apple Safari for Windows 3.0.3 and earlier does not prompt the user before downloading a file, which allows remote attackers to download arbitrary files to the desktop of a client system via certain HTML, as demonstrated by a filename in the DATA attribute of an OBJECT element. NOTE: it could be...

4.3CVSS6.8AI score0.01083EPSS
Exploits0References5Affected Software1
CERT
CERT
added 2003/08/25 12:0 a.m.29 views

Microsoft Internet Explorer does not properly evaluate "application/hta" MIME type referenced by DATA attribute of OBJECT element

Overview Microsoft Internet Explorer IE will execute an HTML Application HTA referenced by the DATA attribute of an OBJECT element if the Content-Type header returned by the web server is set to "application/hta". An attacker could exploit this vulnerability to execute arbitrary code with the...

7.3AI score
Exploits0References26
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.11 views

CVE-2026-48761: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on <object>, <applet>, <iframe>, <img> and the URL Inside <meta http-equiv="refresh"> content

More info at https://symfony.com/cve-2026-48761...

5.8AI score0.00051EPSS
Exploits0Affected Software1
Rows per page
Query Builder