Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Safari  >> 3.1.1  Security Vulnerabilities
CVE-2010-0049
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.
CVSS Score
9.3
EPSS Score
0.365
Published
2010-03-15
CVE-2010-0050
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
CVSS Score
8.8
EPSS Score
0.451
Published
2010-03-15
CVE-2010-0051
WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.
CVSS Score
4.3
EPSS Score
0.024
Published
2010-03-15
CVE-2010-0052
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."
CVSS Score
9.3
EPSS Score
0.085
Published
2010-03-15
CVE-2010-0053
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.
CVSS Score
9.3
EPSS Score
0.065
Published
2010-03-15
CVE-2010-0054
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.
CVSS Score
9.3
EPSS Score
0.085
Published
2010-03-15
CVE-2010-0040
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.
CVSS Score
9.3
EPSS Score
0.198
Published
2010-03-15
CVE-2010-0041
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.
CVSS Score
4.3
EPSS Score
0.012
Published
2010-03-15
CVE-2010-0042
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.
CVSS Score
4.3
EPSS Score
0.01
Published
2010-03-15
CVE-2010-0043
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
CVSS Score
9.3
EPSS Score
0.162
Published
2010-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved