Vulnerabilities > Apple > Safari > 1.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-03-19 | CVE-2008-1002 | Cross-Site Scripting vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1 allows remote attackers to inject arbitrary web script or HTML via a crafted javascript: URL. | 4.3 |
| 2007-11-15 | CVE-2007-4698 | Cross-Site Scripting vulnerability in Apple Safari Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to conduct cross-site scripting (XSS) attacks by causing JavaScript events to be associated with the wrong frame. | 4.3 |
| 2007-11-15 | CVE-2007-4692 | Improper Authentication vulnerability in Apple Safari The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. | 4.3 |
| 2007-09-27 | CVE-2007-4671 | Improper Input Validation vulnerability in Apple Safari Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to "alter or access" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain. | 6.8 |
| 2007-09-27 | CVE-2007-3760 | Cross-site Scripting vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to inject arbitrary web script or HTML via frame tags. | 4.3 |
| 2007-09-27 | CVE-2007-3758 | Cross-site Scripting vulnerability in Apple Safari Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 through 10.4.10, allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks. | 4.3 |
| 2007-09-27 | CVE-2007-3756 | Information Exposure vulnerability in Apple Safari Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain. | 4.3 |
| 2006-04-25 | CVE-2006-2019 | Denial Of Service vulnerability in Apple Safari Web Browser Rowspan Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. | 5.0 |