266001
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: U…
|
CWE-200
Information Exposure
|
CVE-2009-2200
|
2011-02-17 15:44 |
2009-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266002
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allow…
|
NVD-CWE-Other
|
CVE-2009-1681
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266003
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1684
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266004
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1685
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266005
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operatio…
|
CWE-20
Improper Input Validation
|
CVE-2009-1686
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266006
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1688
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266007
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1689
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266008
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1691
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266009
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element wit…
|
NVD-CWE-Other
|
CVE-2009-1693
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266010
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from ar…
|
NVD-CWE-Other
|
CVE-2009-1694
|
2011-02-17 15:43 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|