Apple: >> Mac Os X Server >> 10.7.0 Security Vulnerabilities
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVSS Score
9.3
EPSS Score
0.015
Published
2011-07-21
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
CVSS Score
4.3
EPSS Score
0.002
Published
2011-07-21
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVSS Score
9.3
EPSS Score
0.03
Published
2011-07-21
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts.
CVSS Score
5.8
EPSS Score
0.001
Published
2011-07-21
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVSS Score
9.3
EPSS Score
0.03
Published
2011-07-21
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVSS Score
7.5
EPSS Score
0.085
Published
2011-06-21
Page 10