Apple >> Safari: Security Vulnerabilities
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.
CVSS Score: 9.3 | EPSS Score: 0.065 | Published: 2010-03-15
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.
CVSS Score: 9.3 | EPSS Score: 0.085 | Published: 2010-03-15
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.
CVSS Score: 9.3 | EPSS Score: 0.198 | Published: 2010-03-15
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.
CVSS Score: 4.3 | EPSS Score: 0.012 | Published: 2010-03-15
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.
CVSS Score: 4.3 | EPSS Score: 0.01 | Published: 2010-03-15
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
CVSS Score: 9.3 | EPSS Score: 0.162 | Published: 2010-03-15
PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.
CVSS Score: 4.3 | EPSS Score: 0.005 | Published: 2010-03-15
Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document.
CVSS Score: 9.3 | EPSS Score: 0.027 | Published: 2010-03-15
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.
CVSS Score: 9.3 | EPSS Score: 0.09 | Published: 2010-03-15
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."
CVSS Score: 8.8 | EPSS Score: 0.063 | Published: 2010-03-15

