Vulnerabilities > Apple > Safari > 2.0

DATE CVE VULNERABILITY TITLE RISK
2012-07-25 CVE-2012-3592 Unspecified vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple
critical
9.3
2012-07-25 CVE-2012-3591 Unspecified vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple
critical
9.3
2012-07-25 CVE-2012-3590 Unspecified vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple
8.8
2012-07-25 CVE-2012-3589 Unspecified vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple
critical
9.3
2012-07-25 CVE-2012-1520 Unspecified vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple
critical
9.3
2012-07-25 CVE-2012-0683 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple CWE-119
critical
9.3
2012-07-25 CVE-2012-0682 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
network
apple CWE-119
critical
9.3
2012-07-25 CVE-2012-3697 Permissions, Privileges, and Access Controls vulnerability in Apple Safari
WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compromise.
network
apple CWE-264
7.1
2012-07-25 CVE-2012-3696 Improper Input Validation vulnerability in Apple Safari
CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that leverages improper WebSockets URI handling.
network
apple CWE-20
4.3
2012-07-25 CVE-2012-3695 Cross-Site Scripting vulnerability in Apple Safari
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the handling of the location.href property.
network
apple CWE-79
4.3