Vulnerabilities > Microsoft > Windows 7 > Critical

DATE CVE VULNERABILITY TITLE RISK
2010-11-22 CVE-2010-3808 Code Injection vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
network
apple microsoft CWE-94
critical
 9.3
9.3
2010-11-22 CVE-2010-3809 Code Injection vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
network
apple microsoft CWE-94
critical
 9.3
9.3
2010-11-22 CVE-2010-3811 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes.
network
apple microsoft CWE-399
critical
 9.3
9.3
2010-11-22 CVE-2010-3812 Numeric Errors vulnerability in Apple Safari and Webkit
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects.
network
apple microsoft CWE-189
critical
 9.3
9.3
2010-11-22 CVE-2010-3816 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
network
apple microsoft CWE-399
critical
 9.3
9.3
2010-11-22 CVE-2010-3817 Unspecified vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
network
apple microsoft
critical
 9.3
9.3
2010-11-22 CVE-2010-3818 Resource Management Errors vulnerability in Apple Safari and Webkit
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving inline text boxes.
network
apple microsoft CWE-399
critical
 9.3
9.3
2010-11-22 CVE-2010-3819 Code Injection vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
network
apple microsoft CWE-94
critical
 9.3
9.3
2010-11-22 CVE-2010-3820 Resource Management Errors vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
network
apple microsoft CWE-399
critical
 9.3
9.3
2010-11-22 CVE-2010-3821 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari and Webkit
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
network
apple microsoft CWE-119
critical
 9.3
9.3