[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26616 Download | Alert*

The host is installed with Google Chrome before 18.0.1025.168 or Apple Tunes before 10.7 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation allows remote attackers to cause a denial of service.

The host is installed with Apple iTunes before 12.10.1 or iCloud before 7.14 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted web content. Successful exploitation could allow an attacker to cause arbitrary code execution.

WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted canvas, related to a "cross-site image capture issue."

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issue."

WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, which are not properly handled during page deconstruction.

Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element.

WebKit in Apple Safari before 5.0 or iTunes on Windows, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction.

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments.


Pages:      Start    1455    1456    1457    1458    1459    1460    1461    1462    1463    1464    1465    1466    1467    1468    ..   2661

© SecPod Technologies