Safari@4.0.3 Security Vulnerabilities and Issues — Page 4 of Safari@4.0.3 CVE List

Lucene search

AppleSafari4.0.3

176 matches found

cve•added 2012/07/25 8:55 p.m.•40 views

CVE-2012-3633

WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•40 views

CVE-2012-3663

9.3CVSS7.8AI score0.02826EPSS

cve•added 2012/07/25 8:55 p.m.•40 views

CVE-2012-3666

9.3CVSS7.8AI score0.02767EPSS

cve•added 2012/07/25 7:55 p.m.•40 views

CVE-2012-3689

WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.

5.8CVSS6AI score0.00155EPSS

cve•added 2012/03/12 9:55 p.m.•39 views

CVE-2012-0584

The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.

6.4CVSS6.1AI score0.00585EPSS

cve•added 2012/07/25 8:55 p.m.•39 views

CVE-2012-3592

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•39 views

CVE-2012-3625

9.3CVSS7.8AI score0.021EPSS

cve•added 2012/07/25 8:55 p.m.•39 views

CVE-2012-3636

9.3CVSS7.8AI score0.02826EPSS

cve•added 2012/07/25 8:55 p.m.•39 views

CVE-2012-3638

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•39 views

CVE-2012-3669

9.3CVSS7.8AI score0.021EPSS

cve•added 2010/03/03 7:30 p.m.•38 views

CVE-2010-0924

cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element.

5CVSS6.3AI score0.00481EPSS

cve•added 2012/07/25 8:55 p.m.•38 views

CVE-2012-3618

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•38 views

CVE-2012-3629

9.3CVSS7.8AI score0.02826EPSS

cve•added 2012/07/25 8:55 p.m.•38 views

CVE-2012-3637

9.3CVSS7.8AI score0.02653EPSS

cve•added 2012/07/25 7:55 p.m.•38 views

CVE-2012-3697

WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compromise.

7.1CVSS6.3AI score0.00138EPSS

cve•added 2011/10/14 10:55 a.m.•37 views

CVE-2011-3231

The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate.

6.8CVSS7.4AI score0.00319EPSS

cve•added 2012/03/12 9:55 p.m.•37 views

CVE-2012-0640

WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.

5CVSS6AI score0.00291EPSS

cve•added 2012/07/25 8:55 p.m.•37 views

CVE-2012-3597

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•37 views

CVE-2012-3609

9.3CVSS7.8AI score0.0271EPSS

cve•added 2012/07/25 8:55 p.m.•37 views

CVE-2012-3661

9.3CVSS7.8AI score0.02826EPSS

cve•added 2012/07/25 8:55 p.m.•36 views

CVE-2012-3600