Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-07-21 | CVE-2011-0218 | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Apple Safari and WebKit: WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | 9.3 |
2011-07-21 | CVE-2011-0217 | Information Exposure vulnerability in Apple Safari: Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields. | 4.3 |
2011-07-21 | CVE-2011-0216 | Numeric Errors vulnerability in Apple Safari: Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site. | 9.3 |
2011-07-21 | CVE-2011-0215 | Improper Input Validation vulnerability in Apple ImageIO and Safari: ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file. | 9.3 |
2011-07-21 | CVE-2011-0214 | Cryptographic Issues vulnerability in Apple CFNetwork and Safari: CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority. | 5.0 |
2011-07-21 | CVE-2010-1420 | Cross-Site Scripting vulnerability in Apple CFNetwork and Safari: Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file. | 4.3 |
2011-07-21 | CVE-2010-1383 | Credentials Management vulnerability in Apple CFNetwork and Safari: CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue. | 9.3 |
2011-07-21 | CVE-2011-2307 | Remote vulnerability in Oracle Sun SPARC T3/Netra T3/Fire/Blade Server Series: Unspecified vulnerability in Oracle SysFW 8.1.0.a in various Oracle SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade servers allows remote attackers to affect confidentiality, integrity, and availability, related to Sun Integrated Lights Out Manager (ILOM). | 7.5 |
2011-07-21 | CVE-2011-2305 | Local vulnerability in Oracle VM VirtualBox: Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 6.2 |
2011-07-21 | CVE-2011-2300 | Local vulnerability in Oracle VM VirtualBox 4.0: Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 through 4.0.8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows. | 3.7 |