Vulnerabilities > Microsoft > Windows 7

DATE CVE VULNERABILITY TITLE RISK
2010-07-30 CVE-2010-1784 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari and Webkit
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
network
apple microsoft CWE-119
critical
9.3
2010-07-30 CVE-2010-1783 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
network
apple microsoft CWE-119
critical
9.3
2010-07-30 CVE-2010-1782 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering of an inline element.
network
apple microsoft CWE-119
critical
9.3
2010-07-30 CVE-2010-1780 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus.
network
apple microsoft CWE-399
critical
9.3
2010-07-30 CVE-2010-1778 Cross-Site Scripting vulnerability in Apple Safari and Webkit
Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed.
4.3
2010-07-30 CVE-2010-1777 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.
network
apple microsoft CWE-119
critical
9.3
2010-07-02 CVE-2010-2594 Cross-Site Request Forgery (CSRF) vulnerability in Intersect Alliance Snare Agent and Snare Epilog
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
6.8
2010-06-18 CVE-2010-1769 Multiple vulnerability in RETIRED: Apple iPhone/iPod touch Prior to iOS 4
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
network
low complexity
apple microsoft
critical
10.0
2010-06-18 CVE-2010-1763 Unspecified vulnerability in Apple Itunes
Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.
network
low complexity
apple microsoft
critical
10.0
2010-06-11 CVE-2010-2264 Information Exposure vulnerability in Apple Safari and Webkit
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document.
4.3