Vulnerabilities > Apple > Webkit > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-02-18 | CVE-2010-0651 | Information Exposure vulnerability in multiple products WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. | 4.3 |
2008-04-17 | CVE-2008-1025 | Cross-Site Scripting vulnerability in Apple Safari and Webkit Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion. | 4.3 |
2007-01-18 | CVE-2007-0342 | Resource Management Errors vulnerability in multiple products WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019. | 4.3 |