Vulnerabilities > Apple > Safari > 4.0.5

DATE CVE VULNERABILITY TITLE RISK
2012-04-05 CVE-2011-3067 Origin Validation Error vulnerability in Google Chrome
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.
network
google apple CWE-346
6.8
2012-03-30 CVE-2011-3064 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
network
low complexity
google apple CWE-416
7.5
2012-03-30 CVE-2011-3060 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-30 CVE-2011-3059 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-22 CVE-2011-3056 Origin Validation Error vulnerability in Google Chrome
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
6.8
2012-03-22 CVE-2011-3053 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
6.8
2012-03-22 CVE-2011-3050 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
6.8
2012-03-12 CVE-2012-0647 Information Exposure vulnerability in Apple Safari
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.
network
low complexity
apple CWE-200
5.0
2012-03-12 CVE-2012-0640 Information Exposure vulnerability in Apple Safari
WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.
network
low complexity
apple CWE-200
5.0
2012-03-12 CVE-2012-0584 Improper Input Validation vulnerability in Apple Safari
The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.
network
low complexity
apple microsoft CWE-20
6.4