Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-08 | CVE-2012-0589 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588. | 4.3 |
| 2012-03-08 | CVE-2012-0588 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589. | 4.3 |
| 2012-03-08 | CVE-2012-0587 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589. | 4.3 |
| 2012-03-08 | CVE-2012-0586 | Cross-Site Scripting vulnerability in Apple Iphone OS Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589. | 4.3 |
| 2012-03-08 | CVE-2012-0585 | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method. | 5.0 |
| 2012-03-08 | CVE-2011-3844 | Improper Input Validation vulnerability in Apple Safari 5.0.5 Apple Safari 5.0.5 does not properly implement the setInterval function, which allows remote attackers to spoof the address bar via a crafted web page. | 4.3 |
| 2012-03-05 | CVE-2012-0769 | Numeric Errors vulnerability in Adobe Flash Player and Flash Player for Android Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2012-03-05 | CVE-2011-3044 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. | 6.8 |
| 2012-03-05 | CVE-2011-3043 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. | 6.8 |
| 2012-03-05 | CVE-2011-3042 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. | 6.8 |