Vulnerabilities > Apple > Safari > 2.0

DATE CVE VULNERABILITY TITLE RISK
2010-06-11 CVE-2010-1761 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1759 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1758 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1421 Multiple Security vulnerability in RETIRED: Apple Safari Prior to 5.0 and 4.1
The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of clipboard commands, which allows remote attackers to modify the clipboard via a crafted HTML document.
network
apple microsoft
4.3
2010-06-11 CVE-2010-1419 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close action that occurs during a drag-and-drop operation.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1418 Cross-Site Scripting vulnerability in Apple Safari and Webkit
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preceded by spaces.
4.3
2010-06-11 CVE-2010-0544 Cross-Site Scripting vulnerability in Apple Safari and Webkit
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL.
4.3
2010-06-11 CVE-2010-1750 Resource Management Errors vulnerability in Apple Safari
Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1749 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times.
network
apple microsoft CWE-399
critical
9.3
2010-06-11 CVE-2010-1422 Multiple Security vulnerability in RETIRED: Apple Safari Prior to 5.0 and 4.1
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force arbitrary key presses via a crafted HTML document.
network
apple microsoft
4.3