Download
| Alert*
oval:org.secpod.oval:def:17289
The host is installed with Apple Safari before 3.2.2 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly handle a 3xx HTTP CONNECT response before a successful SSL handshake. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:17208 The host is installed with Apple Safari before 3.1 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted regular expressions in JavaScript. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:17204 The host is installed with Apple Safari before 3.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to change the security context of a webpage to the caller's contex ... oval:org.secpod.oval:def:17202 The host is installed with Apple Safari before 3.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to the Web Inspector. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:17201 The host is installed with Apple Safari before 3.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to sites that set the document.domain property or have the same document.domain. Successful exploitation could ... oval:org.secpod.oval:def:17207 The host is installed with Apple Safari before 3.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle the history object. Successful exploitation allows remote attackers to inject arbitrary JavaScript. oval:org.secpod.oval:def:17206 The host is installed with Apple Safari before 3.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle the document.domain property. Successful exploitation allows remote attackers to conduct cross-site scripting (XSS) attacks. oval:org.secpod.oval:def:17205 The host is installed with Apple Safari before 3.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web page. Successful exploitation allows remote attackers to conduct cross-site scripting (XSS) attacks. oval:org.secpod.oval:def:17200 The host is installed with Apple Safari before 3.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted web page. Successful exploitation could allow attackers to execute javascript in the context of another site. oval:org.secpod.oval:def:17214 The host is installed with Apple Safari before 3.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted URL with a colon in the hostname portion. Successful exploitation allows remote attackers to inject arbitrary web ... oval:org.secpod.oval:def:17209 The host is installed with Apple Safari before 3.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle a frame that calls a method instance in another frame. Successful exploitation allows remote attackers to inject arbitrary web ... oval:org.secpod.oval:def:17203 The host is installed with Apple Safari before 3.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly mask the password field when reverse conversion is used with the Kotoeri input method. Successful exploitation allows physically p ... oval:org.secpod.oval:def:17212 The host is installed with Apple Safari before 3.1 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application, which fails to properly handle crafted certificates. Successful exploitation allows remote attackers to spoof trusted SSL certificates. oval:org.secpod.oval:def:17345 The host is installed with Apple Safari before 4.0.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict the URL scheme of the pluginspage attribute of an EMBED element. Successful exploitation could allow attackers to launc ... oval:org.secpod.oval:def:17343 The host is installed with Apple Safari before 4.0.3 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted floating-point numbers. Successful exploitation could allow attackers execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:17217 The host is installed with Apple Safari before 3.1.1 and is prone to a phishing attacks vulnerability. A flaw is present in the application, which fails to properly handle a timing issue. Successful exploitation allows remote attackers to spoof the contents of a legitimate site. oval:org.secpod.oval:def:17286 The host is installed with Apple Safari before 3.2.3 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle SVGList objects. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:17285 The host is installed with Apple Safari before 3.2.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a a crafted feed: URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:17294 The host is installed with Apple Safari before 4.0.3 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly properly handle unspecified homoglyphs. Successful exploitation could allow attackers to spoof domain names in URLs. oval:org.secpod.oval:def:17299 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle textnodes. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:1829 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application which fails to handle off-by-one error in libxml. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:1810 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1812 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to information disclosure vulnerability. A flaw is present in the application which fails to handle vectors related to improper canonicalization of URLs within RSS feeds. Successful exploitation allows remote at ... oval:org.secpod.oval:def:1811 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1813 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application which fails to handle vectors involving a URL that contains a username. Successful exploitation allows remote attackers to inject ... oval:org.secpod.oval:def:1805 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1804 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which fails to handle libxslt security settings in webKit. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:1807 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code ... oval:org.secpod.oval:def:1806 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1809 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of ser ... oval:org.secpod.oval:def:1808 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1821 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:1820 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1823 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:1822 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:1825 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to bypass vulnerability. A flaw is present in the application which fails to handle a Java applet that loads fonts. Successful exploitation allows remote attackers to bypass the cross Origin Policy, and modify t ... oval:org.secpod.oval:def:1824 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:1816 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1815 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1818 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1817 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1819 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1830 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in ImageIO in the application which fails to handle a crafted TIFF image. Successful exploitation allows remote attackers to e ... oval:org.secpod.oval:def:1832 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to security bypass vulnerability. A flaw is present in CFNetwork in the application which fails to handle a crafted text/plain file. Successful exploitation allows remote attackers to inject arbitrary web script ... oval:org.secpod.oval:def:1831 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to security bypass vulnerability. A flaw is present in CFNetwork in the application which fails to handle an untrusted attribute of a system root certificate. Successful exploitation allows remote web servers to ... oval:org.secpod.oval:def:1833 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to arbitrary code execution vulnerability. A flaw is present in CFNetwork in the application which fails to handle credential reflection issue. Successful exploitation allows remote web servers to execute arbitr ... oval:org.secpod.oval:def:1827 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:1826 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:1828 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to information disclosure vulnerability. A flaw is present in the application which fails to execute AutoFill information to scripts after HTML form submission. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:17224 The host is installed with Apple Safari before 3.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle color spaces. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:17229 The host is installed with Apple Safari before 3.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly prevent caching of form data for form fields that have autocomplete disabled. Successful exploitation could allows local users to ... oval:org.secpod.oval:def:17232 The host is installed with Apple Safari before 3.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to prevent plug-ins from accessing local URLs. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:17298 The host is installed with Apple Safari before 5.0.5 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle textnodes. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:17233 The host is missing a security update according to Apple advisory, APPLE-SA-2008-11-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to obtain sensitive inf ... oval:org.mitre.oval:def:11909 Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to impro ... oval:org.mitre.oval:def:7037 Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database ... oval:org.mitre.oval:def:5915 Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site. oval:org.mitre.oval:def:12079 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (app ... oval:org.mitre.oval:def:12060 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar's URL or add URLs to the history via a cross-origin attack. oval:org.mitre.oval:def:12293 The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching ... oval:org.mitre.oval:def:12160 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (a ... oval:org.mitre.oval:def:12148 The host is installed with Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier or Apple iTunes before 10.2 and is prone to memory corruption vulnerability. The flaw is present in the ibxml2 before 2.7.8, which reads from invalid memory locations during processing of malformed XPath expre ... oval:org.mitre.oval:def:12130 Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string. oval:org.mitre.oval:def:12138 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. oval:org.mitre.oval:def:12255 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. oval:org.mitre.oval:def:12002 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows remote attackers to execute arbitrary code or ca ... oval:org.mitre.oval:def:12233 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving inline text boxes. oval:org.secpod.oval:def:14268 The host is installed with Apple Safari before 4.0.4 is prone to buffer overflow vulnerability. The flaw is present in the application which fails to properly handle a crafted ColorSync profile embedded in an image. Successful exploitation allows attacker to cause a denial of service. oval:org.mitre.oval:def:11495 The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a relate ... oval:org.secpod.oval:def:455 The host is installed with Apple Safari and is prone to code injection vulnerability. A flaw is present in Webkit, which fails to handle Attr.style accessor leading to cross-origin issue. Successful exploitation could allow remote attackers to inject Cascading Style Sheets (CSS) token sequences in o ... oval:org.secpod.oval:def:454 The host is installed with Apple Safari and is prone to information disclosure vulnerability. A flaw is present in Webkit in conjunction with HTTP Basic Authentication, which fails to handle redirection and discloses user's authentication credentials. Successful exploitation could allow remote attac ... oval:org.mitre.oval:def:12216 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of s ... oval:org.secpod.oval:def:457 The host is installed with Apple Safari and is prone to information disclosure vulnerability. A flaw is present in Webkit, which fails to handle HTML5 drag and drop operations leading to cross-origin issue. Successful exploitation could allow remote attackers to obtain sensitive information. oval:org.secpod.oval:def:456 The host is installed with Apple Safari and is prone to denial of service vulnerability. A flaw is present in Webkit, which fails to handle cached resources leading to cache-poisoning. Successful exploitation could allow remote attackers to cause denial of service. oval:org.secpod.oval:def:459 The host is installed with Apple Safari and is prone to cross site scripting vulnerability. A flaw is present in window.console._inspectorCommandLineAPI property in Web Inspector, which fails to sanitize user supplied data. Successful exploitation could allow remote attackers to execute arbitrary co ... oval:org.secpod.oval:def:458 The host is installed with Apple Safari and is prone to arbitrary file upload vulnerability. A flaw is present in Webkit, which fails to correctly implement windows functionality leading to cross-origin issue. Successful exploitation could allow remote attackers to upload arbitrary files on the affe ... oval:org.mitre.oval:def:6516 The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to con ... oval:org.mitre.oval:def:12306 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this ... oval:org.mitre.oval:def:12300 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving SVG use elements. oval:org.mitre.oval:def:11689 Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause ... oval:org.mitre.oval:def:11673 Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010 ... oval:org.mitre.oval:def:11308 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote attackers to execute arbitrary code or cause a de ... oval:org.mitre.oval:def:11899 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets (CSS) counter styles, which allows remote attackers to execute arbitrary code or cause a denial of service ( ... oval:org.mitre.oval:def:11538 Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. oval:org.secpod.oval:def:632 The host is installed with Google Chrome before 10.0.648.204 and is prone to denial of service vulnerability. A flaw is present in the application which does not properly handle parentage. Successful exploitation allow remote attackers to cause a denial of service or possibly have unspecified other ... oval:org.mitre.oval:def:6362 Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply. oval:org.mitre.oval:def:11972 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft ... oval:org.secpod.oval:def:2674 The host is missing a security update according to APPLE-SA-2011-04-14-3. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application which fail to properly handle CSS style and certain text nodes. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:813 The host is installed with Apple Safari and is prone to integer underflow vulnerability. A flaw is present in the application in WebKit's handling of WebSockets. Successful exploitation allows attacker to cause a denial of service (application crash) oval:org.secpod.oval:def:812 The host is installed with Apple Safari and is prone to use-after-free vulnerability. A flaw is present in the application in WebKit's handling of inline text boxes. Successful exploitation allows attacker to make an unexpected application termination or arbitrary code execution oval:org.mitre.oval:def:11814 WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of s ... oval:org.secpod.oval:def:1814 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to heap-based buffer overflow vulnerability. A flaw is present in ImageIO in the application which fails to handle a crafted TIFF image with CCITT Group 4 encoding. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:17287 The host is missing a security update according to Apple advisory, APPLE-SA-2009-05-12. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:40348 The host is missing a security update according to Apple advisory, APPLE-SA-2011-07-20-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote web servers to execute arbitrary code ... oval:org.secpod.oval:def:1803 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:1801183 CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution ... oval:org.secpod.oval:def:44802 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:704334 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:2000193 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:14273 The host is installed with Apple Safari before 4.0.4 is prone to information disclosure vulnerability. The flaw is present in the application which fails to properly handle Open Image and Open Link menu options via a crafted web site. Successful exploitation allows attacker to execute arbitrary code ... oval:org.secpod.oval:def:14271 The host is installed with Apple Safari before 4.0.4 is prone to cross-site request forgery vulnerability. The flaw is present in the application which fails to properly handle certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight. Successful exploitation a ... oval:org.secpod.oval:def:14272 The host is installed with Apple Safari before 4.0.4 is prone to information disclosure vulnerability. The flaw is present in the application which fails to properly handle HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480. Successful exploitatio ... oval:org.secpod.oval:def:15502 The host is installed with Apple Safari before 5.1.10 and is prone to remote code execution vulnerability. The flaw is present in the JavaScriptCore's JSArray::sort() method, which fails in proper bound checking. Successful exploitation could allow attackers to cause an unexpected application termin ... oval:org.secpod.oval:def:15501 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-09-12-2. The update is required to fix multiple vulnerabilities. The flaws are present in the JavaScriptCore's JSArray::sort() method, which fails in proper bound checking. Successful exploitation could allow ... oval:org.secpod.oval:def:2981 The host is installed with Apple Safari before 5.1.1 and is prone to a security bypass vulnerability. A flaw is present in the application, a logic error when handling cookies while in Private Browsing mode. Successful exploitation could allow attackers to set cookies although the "Block cookies" op ... oval:org.secpod.oval:def:2980 The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle uninitialized memory during the processing of X.509 certificates. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:2982 The host is installed with Apple Safari before 5.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving inactive DOM windows. Successful exploitation could allow to execute arbitrary JavaScript code. oval:org.secpod.oval:def:2985 The host is installed with Google Chrome before 10.0.648.204 or Apple Safari less than or equal to 5.0.5 and is prone to a denial of service vulnerability. A flaw is present in the applications, which do not properly handle parentage. Successful exploitation allow remote attackers to cause a denial ... oval:org.secpod.oval:def:2984 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application which fails to handle vectors involving a URL that contains a username. Successful exploitation allows remote attackers to inject ... oval:org.secpod.oval:def:2987 The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to enforce an intended policy for file: URLs. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:2989 The host is missing a security update according to APPLE-SA-2011-07-20-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize crafted input. Successful exploitation could allow attackers to affect confidentiality, integrity, and a ... oval:org.secpod.oval:def:2961 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to bypass vulnerability. A flaw is present in the application which fails to handle a Java applet that loads fonts. Successful exploitation allows remote attackers to bypass the cross Origin Policy, and modify t ... oval:org.secpod.oval:def:2963 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to information disclosure vulnerability. A flaw is present in the application which provides AutoFill information to scripts that execute before HTML form submission. Successful exploitation allows remote attack ... oval:org.secpod.oval:def:2965 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to security bypass vulnerability. A flaw is present in CFNetwork in the application which fails to handle a crafted text/plain file. Successful exploitation allows remote attackers to inject arbitrary web script ... oval:org.secpod.oval:def:2964 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application which fails to handle off-by-one error in libxml. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:2979 The host is installed with Apple Safari before 5.1.1 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a crafted safari extension. Successful exploitation could allow to execute arbitrary JavaScript code. oval:org.secpod.oval:def:2940 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which fails to handle libxslt security settings in webKit. Successful exploitation allows remote attackers to create arbitrary file ... oval:org.secpod.oval:def:2949 The host is installed with Apple Safari version less than or equal to 5.0.5 or Mac OS X 10.6.8 and is prone to heap-based buffer overflow vulnerability. A flaw is present in ImageIO in the application, which fails to handle a crafted TIFF image with CCITT Group 4 encoding. Successful exploitation al ... oval:org.secpod.oval:def:2948 The host is installed with Apple Safari version less than or equal to 5.0.5 and is prone to information disclosure vulnerability. A flaw is present in the application which fails to handle vectors related to improper canonicalization of URLs within RSS feeds. Successful exploitation allows remote at ... oval:org.secpod.oval:def:2680 The host is installed wit Apple Safari before 5.0.4 and is prone to unspecified memory corruption vulnerability. A flaw is present in the application which fails to properly handle redirects in conjunction with HTTP Basic Authentication. Successful exploitation allows remote attackers to cause denia ... oval:org.secpod.oval:def:2682 The host is installed wit Apple Safari before 5.0.4 and is prone to denial of service vulnerability. A flaw is present in the application which is caused by a cache poisoning error in WebKit when handling cached resources. Successful exploitation allows remote attacker to cause denial of service con ... oval:org.secpod.oval:def:2681 The host is installed wit Apple Safari before 5.0.4 and is prone to cross-domain script-injection vulnerability. A flaw is present in the application which fails to properly handle Attr.style accessor. Successful exploitation allows remote attacker to execute arbitrary script code. oval:org.secpod.oval:def:2684 The host is installed wit Apple Safari before 5.0.4 and is prone to cross domain information disclosure vulnerability. A flaw is present in the application which fails to properly enforce the same-origin policy. Successful exploitation allows remote attacker to disclose sensitive information. oval:org.secpod.oval:def:2683 The host is installed wit Apple Safari before 5.0.4 and is prone to information-disclosure vulnerability. A flaw is present in the application which fails to properly handle HTML5 drag and drop operations. Successful exploitation allows remote attacker to gain sensitive information. oval:org.secpod.oval:def:2685 The host is installed with Apple Safari before 5.0.4 and is prone to cross site scripting vulnerability. A flaw is present in the application which fails to properly validate user supplied data. Successful exploitation could allow remote attackers to execute arbitrary code on the affected system. oval:org.secpod.oval:def:2673 The host is missing a security update according to APPLE-SA-2011-04-14-3. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application which fail to properly handle CSS style and certain text nodes. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:2672 The host is installed with Apple Safari before 5.0.5 and is prone to use-after-free vulnerability. A flaw is present in the application which fails to properly handle certain text nodes. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:3394 The host is installed with Apple Safari before 5.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving inactive DOM windows. Successful exploitation could allow to execute arbitrary JavaScript code. oval:org.secpod.oval:def:3395 The host is installed with Apple Safari before 5.1.1 and is prone to a security bypass vulnerability. A flaw is present in the application, a logic error when handling cookies while in Private Browsing mode. Successful exploitation could allow attackers to set cookies although the "Block cookies" op ... oval:org.secpod.oval:def:3349 The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to enforce an intended policy for file: URLs. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:3348 The host is installed with Apple Safari before 5.1.1 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a crafted safari extension. Successful exploitation could allow to execute arbitrary JavaScript code. oval:org.secpod.oval:def:3811 The host is missing a security update according to Apple advisory, APPLE-SA-2010-11-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:3810 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform a cast of an unspecified variable during processing of colors in an SVG document. Successful exploitation could allow ... oval:org.secpod.oval:def:3808 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors involving SVG use elements. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3809 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a non-SVG document. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3806 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the processing of Cascading Style Sheets (CSS) counter styles. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:3807 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle vectors involving Geolocation objects. Successful exploitation could allow attackers to execute arbitrary code or cra ... oval:org.secpod.oval:def:3800 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms. Successful exploitat ... oval:org.secpod.oval:def:3801 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving inline text boxes. Successful exploitation could allow attackers to execute arbitrary code or crash the ... oval:org.secpod.oval:def:3804 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle vectors involving HTML object outlines. Successful exploitation could allow attackers to execute arbitrary code or crash the se ... oval:org.secpod.oval:def:3805 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence. Successful exploitation could allow ... oval:org.secpod.oval:def:3802 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle processing of Cascading Style Sheets (CSS) boxes. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:3793 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an URL spoofing vulnerability. A flaw is present in the application, which fails to properly handle a cross-origin attack. Successful exploitation could allow attackers to spoof the URL. oval:org.secpod.oval:def:3791 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform a cast of an unspecified variable during processing of inline styling. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:3796 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an improper DNS fetching vulnerability. A flaw is present in the application, which fails verify whether DNS prefetching is enabled. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3797 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to multiple use after free vulnerabilities. The flaws are present in the application, which fails to handle vectors related to improper handling of MIME types by plug-ins. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:3794 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving element attributes. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3795 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle vectors involving Text objects. Successful exploitation could allow attackers to execute arbitrary code or crash the s ... oval:org.secpod.oval:def:3798 The host is installed with Apple Safari before 5.0.3 or 4.1.3 or Google Chrome before 6.0.472.53 and is prone to a use after free vulnerabilities. A flaw is present in the application, which fails to handle vectors involving element focus. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:3799 The host is installed with Apple Safari before 5.0.3 or 4.1.3 or Google Chrome before 6.0.472.53 and is prone to use after free vulnerabilities. A flaw is present in the application, which fails to handle vectors involving element focus. Successful exploitation could allow attackers to execute arbit ... oval:org.secpod.oval:def:3785 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to prevent using a weak algorithm for generating values of random numbers. Successful exploitation could allow attackers to track a ... oval:org.secpod.oval:def:3783 The host is missing a security update according to Apple advisory, APPLE-SA-2010-11-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:3784 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted string. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3789 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform a cast of an unspecified variable during processing of editing commands. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:3787 The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to properly handle vectors involving WebSockets. Successful exploitation could allow attackers to execute arbitrary code or crash the se ... oval:org.secpod.oval:def:3976 The host is missing an important security update according to Apple advisory, APPLE-SA-2011-10-12-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow to execute arbitrar ... oval:org.secpod.oval:def:3977 The host is missing an important security update according to Apple advisory, APPLE-SA-2011-10-12-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow to execute arbitrar ... oval:org.secpod.oval:def:45936 The host is installed with Apple Safari before 11.1.1 and is prone to an address bar spoofing vulnerability. A flaw is present in the applications, which fails to properly handle inconsistent user interface issues. Successful exploitation may lead to address bar spoofing. oval:org.secpod.oval:def:45944 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to cause arbitra ... oval:org.secpod.oval:def:4474 The host is installed with Apple Safari before 5.0.6 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to improper list management for Cascading Style Sheets (CSS). Successful exploitation could allow attackers to crash the se ... oval:org.secpod.oval:def:4475 The host is installed with Apple Safari before 5.0.6 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to improper list management for Cascading Style Sheets (CSS). Successful exploitation could allow attackers to crash the se ... oval:org.secpod.oval:def:4322 The host is installed with Apple Safari 4.0 before 4.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to attribute manipulation. Successful exploitation could allow attackers to inject arbitrary code or crash the service. oval:org.secpod.oval:def:2001499 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:42607 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42606 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42605 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42611 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42610 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42615 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42614 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42613 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42612 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42616 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:2000468 An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" componen ... oval:org.secpod.oval:def:4277 The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to disclose sensitive inform ... oval:org.secpod.oval:def:45307 The host is installed with Apple Safari before 11.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle a memory corruption issue. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:45305 The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sens ... oval:org.secpod.oval:def:4757 The host is installed with Apple Safari before 5.1.4 and is prone to URL spoofing vulnerability. A flaw is present in the application, which fails to properly restrict the characters in URLs. Successful exploitation allows remote attackers to spoof a domain name via unspecified homoglyphs. oval:org.secpod.oval:def:4758 The host is installed with Apple Safari before 5.1.4 and is prone to cookie setting vulnerability. A flaw is present in the application, which fails to properly block cookies from third parties and advertisers. Successful exploitation allows remote web servers to track users via a cookie. oval:org.secpod.oval:def:4756 The host is missing a security update according to APPLE-SA-2012-03-12-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious contents. Successful exploitation allows remote attackers to execute remote code or gai ... oval:org.secpod.oval:def:4759 The host is installed with Apple Safari before 5.1.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle redirects in conjunction with HTTP authentication. Successful exploitation allows remote web servers to capture credentials ... oval:org.secpod.oval:def:4820 The host is missing a security update according to APPLE-SA-2012-03-12-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious contents. Successful exploitation allows remote attackers to execute remote code or gai ... oval:org.secpod.oval:def:4821 The host is installed with Apple Safari before 5.1.4 and is prone to cookie setting vulnerability. A flaw is present in the application, which fails to properly block cookies from third parties and advertisers. Successful exploitation allows remote web servers to track users via a cookie. oval:org.secpod.oval:def:4822 The host is installed with Apple Safari before 5.1.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle redirects in conjunction with HTTP authentication. Successful exploitation allows remote web servers to capture credentials ... oval:org.secpod.oval:def:45884 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45885 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45895 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:45896 The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:6543 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6542 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6541 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6540 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6547 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6546 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6545 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6544 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6549 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6548 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6554 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6553 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6552 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6551 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6558 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6557 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6556 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6555 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6559 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6550 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5671 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers bypass s ... oval:org.secpod.oval:def:6529 The host is installed with Apple Safari before 6.0 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle the autocomplete attribute of a password input element. Successful exploitation could allow attackers to bypass authentication by lev ... oval:org.secpod.oval:def:6528 The host is installed with Apple Safari before 6.0 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle a crafted feed URL. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:6527 The host is installed with Apple Safari before 6.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted feed URL. Successful exploitation could allow attackers to inject arbitrary web script. oval:org.secpod.oval:def:5670 The host is installed with Apple Safari before 5.1.7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly track state information during the processing of form input. Successful exploitation could allow attackers to fill in form fields on the ... oval:org.secpod.oval:def:6532 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6531 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6530 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6536 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6535 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6534 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6533 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6539 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6538 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6537 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:5667 The host is installed with Apple Safari before 5.1.7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly track state information during the processing of form input. Successful exploitation could allow attackers to fill in form fields on the ... oval:org.secpod.oval:def:5668 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers bypass s ... oval:org.secpod.oval:def:6602 The host is installed with Apple Safari before 6.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:6601 The host is installed with Apple Safari before 6.0 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle file: URLs. Successful exploitation could allow attackers to bypass intended sandbox restrictions and read arbitrary files. oval:org.secpod.oval:def:6600 The host is installed with Apple Safari before 6.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle location.href property. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:6587 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6586 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6585 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6584 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6589 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6588 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6583 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6582 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6581 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6580 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6598 The host is installed with Apple Safari before 6.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle drag-and-drop events. Successful exploitation could allow attackers to obtain sensitive information about full pathnames. oval:org.secpod.oval:def:6597 The host is installed with Apple Safari before 6.0 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers to spoof domain names in URLs, and possibly conduct phishing at ... oval:org.secpod.oval:def:6596 The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle Cascading Style Sheets (CSS) property values. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:6595 The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:6599 The host is installed with Apple Safari before 6.0 and is prone to a CRLF injection vulnerability. A flaw is present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:6590 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6594 The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:6593 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6592 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6591 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6565 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6564 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6563 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6562 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6569 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6568 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6567 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6566 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6561 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6560 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6576 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6575 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6574 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6573 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6579 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6578 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6577 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6572 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6571 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:6570 The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:7732 The host is installed with Apple Safari before 6.0.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow remote attackers to obtain the Me card from an Address Book. oval:org.secpod.oval:def:7733 The host is installed with Apple Safari before 6.0.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle https urls. Successful exploitation could allow user-assisted remote attackers to obtain sensitive information by sniffin ... oval:org.secpod.oval:def:7731 The host is installed with Apple Safari before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle quarantine attribute in HTML documents. Successful exploitation could allow user-assisted remote attackers to read arbitrary files by ... oval:org.secpod.oval:def:9900 The host is missing a critical security update according to apple advisory, APPLE-SA-2013-03-14-2. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:7791 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-11-01-2. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle a maliciously crafted website. Successful exploitation c ... oval:org.secpod.oval:def:7784 The host is missing a security update according to Apple advisory, APPLE-SA-2012-09-19-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:7789 The host is installed with Apple Safari before 6.0.2 on Apple Mac OS X 10.7 or later, Safari before 5.1.10 on Mac OS X 10.6.x or Apple iTunes before 11.0.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle javascript arrays. Succes ... oval:org.secpod.oval:def:2960 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:2962 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:2959 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:2941 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2943 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2942 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2945 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2944 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2947 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2946 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2939 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2950 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2952 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2951 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2954 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2953 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2956 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:2955 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes before 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary c ... oval:org.secpod.oval:def:2958 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:2957 The host is installed with Apple Safari version less than or equal to 5.0.5 or Apple iTunes version less than 10.5 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle crafted web site. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:2678 The host is installed with Google Chrome before 7.0.517.44 or Apple Safari before 5.0.4 and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to cause a denial of service (applicati ... oval:org.secpod.oval:def:9896 The host is installed with Apple Safari before 6.0.3 or Apple iTunes before 11.0.3 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code or cr ... oval:org.secpod.oval:def:9897 The host is installed with Apple Safari before 6.0.3 or Apple iTunes before 11.0.3 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code or cr ... oval:org.secpod.oval:def:2000204 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000464 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:45942 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle memory issues. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001407 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ... oval:org.secpod.oval:def:46817 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:44801 The host is installed with Apple iCloud before 7.4, Apple iTunes before 12.7.4 or Google Chrome before 68.0.3440.75 and is prone to a cross-origin information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation cou ... oval:org.secpod.oval:def:44800 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2000406 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:44812 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44814 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44823 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44824 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44825 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44826 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2001604 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:44821 The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:44829 The host is installed with Apple Safari before 11.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service. oval:org.secpod.oval:def:44830 The host is installed with Apple Safari before 11.1 or Google Chrome before 68.0.3440.75 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service ... oval:org.secpod.oval:def:2000518 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:114649 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2000168 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704068 webkit2gtk: Web content engine library for GTK+ A security issue was fixed in WebKitGTK+. oval:org.secpod.oval:def:2000156 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704062 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:114541 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2000389 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:114411 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:114728 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:2001460 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:704127 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46785 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:46780 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46823 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:51060 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:52040 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:44784 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44786 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44793 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44795 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44796 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44797 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44798 The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:45890 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:45934 The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:2000536 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. oval:org.secpod.oval:def:704284 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46294 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted content. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:46290 The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a cross-origin data bypass vulnerability. A flaw is present in the application, which fails to properly perform audio taint tracking. Successful exploitation could allow attackers to exfiltrate audio data ... oval:org.secpod.oval:def:46304 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to spoof address bars or ... oval:org.secpod.oval:def:46307 The host is installed with Apple Safari before 11.1.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a malicious website. Successful exploitation allows attackers to exfiltrate cross-origin the sound fetched through audio elements. oval:org.secpod.oval:def:46311 The host is installed with Apple Safari before 11.1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:46303 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:46302 The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:45886 The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:703931 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:44922 The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44923 The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:113665 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:42608 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42609 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:42619 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:42618 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation allow attackers to perf ... oval:org.secpod.oval:def:42617 The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution. oval:org.secpod.oval:def:44916 The host is installed with Apple Safari before 11.0.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:113634 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113991 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:51986 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:113825 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113612 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113854 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:113936 WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3. oval:org.secpod.oval:def:703886 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43212 The host is missing a security update according to Apple advisory, APPLE-SA-2017-12-13-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation c ... oval:org.secpod.oval:def:43213 The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ... oval:org.secpod.oval:def:703972 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:43587 The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ... oval:org.secpod.oval:def:14274 The host is missing an important security update according to Apple advisory, APPLE-SA-2009-11-11-1. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:14890 The host is missing an important security update according to Apple advisory, APPLE-SA-2009-11-11-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:17221 The host is missing a security update according to Apple advisory, APPLE-SA-2008-06-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or cra ... oval:org.mitre.oval:def:5782 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows ... oval:org.mitre.oval:def:8509 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows ... oval:org.mitre.oval:def:6108 Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows ... oval:org.secpod.oval:def:44831 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:46789 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46752 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46827 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46821 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:115120 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:53380 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ... oval:org.secpod.oval:def:115022 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:1800708 CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ... oval:org.secpod.oval:def:6603 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-07-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to disclos ... oval:org.secpod.oval:def:17340 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:2677 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. |