Vulnerabilities > Apple > Safari > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-27 | CVE-2007-3758 | Cross-site Scripting vulnerability in Apple Safari Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 through 10.4.10, allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks. | 4.3 |
| 2007-09-27 | CVE-2007-3756 | Information Exposure vulnerability in Apple Safari Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain. | 4.3 |
| 2007-07-23 | CVE-2007-3944 | Buffer Errors vulnerability in Apple Iphone OS, Safari and Webkit Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. | 9.3 |
| 2007-07-12 | CVE-2007-3718 | Multiple Unspecified vulnerability in Apple Safari 3.0 Multiple unspecified vulnerabilities in the SVG parsing engine in Apple Safari 3 Beta for Windows have unspecified remote attack vectors and impact. | 7.5 |
| 2007-06-25 | CVE-2007-2400 | Race Condition vulnerability in Apple Iphone OS and Safari Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site scripting (XSS) attacks via vectors related to page updating and HTTP redirects. | 4.3 |
| 2007-06-19 | CVE-2007-3274 | Resource Management Errors vulnerability in Apple Safari 3.0/3.0.1 Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (application crash) via JavaScript that sets the document.location variable, as demonstrated by an empty value of document.location. | 4.3 |
| 2007-06-12 | CVE-2007-3187 | Denial-Of-Service vulnerability in Apple Safari 3.0 Multiple unspecified vulnerabilities in Apple Safari for Windows allow remote attackers to cause a denial of service or execute arbitrary code, possibly involving memory corruption, and a different issue from CVE-2007-3185 and CVE-2007-3186. | 7.5 |
| 2007-06-12 | CVE-2007-3186 | Permissions, Privileges, and Access Controls vulnerability in Apple Safari Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI. | 9.3 |