Lucene search

K

6 matches found

CVE
CVE
added 2005/12/22 11:3 p.m.422 views

CVE-2005-4504

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.

7.8CVSS6AI score0.21773EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.82 views

CVE-2005-0976

AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.

5CVSS6.7AI score0.00362EPSS
CVE
CVE
added 2005/04/14 4:0 a.m.46 views

CVE-2004-1121

Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.

5CVSS8.4AI score0.03231EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.46 views

CVE-2004-1199

Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.

5CVSS7.2AI score0.00886EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.46 views

CVE-2004-1314

Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnera...

7.5CVSS6.6AI score0.00968EPSS
CVE
CVE
added 2005/09/21 10:3 p.m.34 views

CVE-2005-3018

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

5CVSS6.5AI score0.04452EPSS