Lucene search

K

7 matches found

CVE
CVE
added 2007/06/12 10:30 p.m.67 views

CVE-2007-3186

Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.

9.3CVSS7.2AI score0.08926EPSS
CVE
CVE
added 2007/06/25 7:30 p.m.63 views

CVE-2007-2400

Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to p...

4.3CVSS5.3AI score0.00304EPSS
CVE
CVE
added 2007/06/19 9:30 p.m.59 views

CVE-2007-3274

Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location.

4.3CVSS6AI score0.00388EPSS
CVE
CVE
added 2007/07/23 4:30 p.m.54 views

CVE-2007-3944

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: t...

9.3CVSS7.4AI score0.36787EPSS
CVE
CVE
added 2007/06/12 10:30 p.m.47 views

CVE-2007-3187

Multiple unspecified vulnerabilities in Apple Safari for Windows allow remote attackers to cause a denial of service or execute arbitrary code, possibly involving memory corruption, and a different issue from CVE-2007-3185 and CVE-2007-3186. NOTE: as of 20070612, the original disclosure has no acti...

7.5CVSS7.6AI score0.08926EPSS
CVE
CVE
added 2007/11/15 12:46 a.m.45 views

CVE-2007-4692

The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not a...

4.3CVSS7.2AI score0.01126EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.43 views

CVE-2007-3718

Multiple unspecified vulnerabilities in the SVG parsing engine in Apple Safari 3 Beta for Windows have unspecified remote attack vectors and impact. NOTE: this issue contains no actionable information, but it was released by a reliable researcher.

7.5CVSS6.8AI score0.00383EPSS