[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

125990

 
 

909

 
 

104883

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 14543 Download | Alert*

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660.

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning.

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements.

WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099.

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close action that occurs during a drag-and-drop operation.

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL.

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form data.

WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API abuse issue."


Pages:      Start    1246    1247    1248    1249    1250    1251    1252    1253    1254    1255    1256    1257    1258    1259    ..   1454

© SecPod Technologies