Apple: >> Safari >> 2.0_pre Security Vulnerabilities
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files."
CVSS Score
4.3
EPSS Score
0.006
Published
2008-11-17
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".
CVSS Score
5.0
EPSS Score
0.038
Published
2006-03-31
Page 2