Computer Security
[EN] securityvulns.ru no-pyccku


Apple Webkit / Safari multiple security vulnerabilities
updated since 08.08.2010
Published:14.08.2010
Source:
SecurityVulns ID:11040
Type:library
Threat Level:
9/10
Description:Information leak, crossdomain access, buffer overflows, memory corruptions.
Affected:APPLE : Safari 5.0
 APPLE : Safari 4.1
CVE:CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields.)
 CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document.)
 CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.)
 CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.)
 CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue.")
 CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object.)
 CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document.)
 CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG document.)
 CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject element in an SVG document.)
 CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document.)
 CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.)
 CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.)
 CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering of an inline element.)
 CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to element focus.)
 CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed.)
Original documentdocumentZDI, ZDI-10-154: Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability (14.08.2010)
 documentZDI, ZDI-10-153: Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability (14.08.2010)
 documentZDI, ZDI-10-152: Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability (14.08.2010)
 documentZDI, ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability (11.08.2010)
 documentZDI, ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability (11.08.2010)
 documentZDI, ZDI-10-141: Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability (08.08.2010)
 documentZDI, ZDI-10-142: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability (08.08.2010)
 documentAPPLE, About the security content of Safari 5.0.1 and Safari 4.1.1 (08.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod