Vulnerabilities > Apple > Safari > beta2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-12 | CVE-2009-2200 | Information Exposure vulnerability in Apple Safari WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document. | 7.1 |
| 2009-08-12 | CVE-2009-2195 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers. | 9.3 |
| 2006-03-31 | CVE-2006-1552 | Numeric Errors vulnerability in Apple products Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". | 5.0 |
| 2005-01-10 | CVE-2004-1314 | Unspecified vulnerability in Apple Safari Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. | 7.5 |
| 2005-01-10 | CVE-2004-1199 | Denial Of Service vulnerability in Apple Safari Web Browser Infinite Array Sort Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | 5.0 |
| 2004-11-23 | CVE-2004-0361 | Denial Of Service vulnerability in Apple Safari Large JavaScript Array Handling The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array. | 5.0 |