Safari@4.0 beta Security Vulnerabilities and Issues — Safari@4.0 beta CVE List

Lucene search

AppleSafari4.0 beta

3 matches found

CVE•added 2009/09/29 6:0 p.m.•67 views

CVE-2009-3455

Apple Safari, possibly before 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certi...

7.5CVSS5.7AI score0.01808EPSS

CVE•added 2009/08/12 7:30 p.m.•59 views

CVE-2009-2195

Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.

9.3CVSS8.7AI score0.2882EPSS

CVE•added 2009/08/12 7:30 p.m.•40 views

CVE-2009-2200

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.

7.1CVSS7.5AI score0.00614EPSS