Vulnerabilities > Apple > Safari

DATE CVE VULNERABILITY TITLE RISK
2004-04-15 CVE-2003-0514 Unspecified vulnerability in Apple Safari 1.0/1.1
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g.
network
low complexity
apple
7.5
2003-12-15 CVE-2003-0975 Unspecified vulnerability in Apple mac OS X, mac OS X Server and Safari
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
network
low complexity
apple
5.0
2003-06-16 CVE-2003-0370 Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
network
low complexity
apple kde redhat turbolinux
7.5
2003-06-09 CVE-2003-0355 Remote Security vulnerability in Konqueror Embedded
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
network
low complexity
apple kde
5.0