The host is installed with Apple Safari before 4.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly use the standards-compliant method to determine the security context associated with a script. Successful exploitation could allow attackers to inject arbitrary web script or HTML.
The host is installed with Apple Safari before 4.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to inject arbitrary web script or HTML.
The host is installed with Apple Safari before 4.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle vectors related to insufficient access control for standard JavaScript prototypes in other domains. Successful exploitation could allow attackers to inject arbitrary web script or HTML.
The host is installed with Apple Safari before 4.0 and is prone to a session-tracking vulnerability. A flaw is present in the application, which fails to properly generate random numbers for JavaScript applications. Successful exploitation could allow attackers to track a particular Safari session without using cookies, hidden form elements, IP addresses, or other techniques.
The host is installed with Apple Safari before 4.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle audio and video HTML elements. Successful exploitation could allow attackers to disclose sensitive information.
The host is installed with Apple Safari before 4.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly implement the document function. Successful exploitation could allow attackers to read (1) arbitrary local files and (2) files from different security zones.
The host is installed with Apple Safari before 4.0 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle vectors related to script execution with incorrect privileges. Successful exploitation could allow attackers to to inject arbitrary web script or HTML.
The host is installed with Apple Safari before 4.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle vectors involving drag events and the dragging of content over a crafted web page. Successful exploitation could allow attackers to obtain sensitive information.
The host is installed with Apple Safari before 4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a "high-bit character" in a URL fragment for an unspecified protocol. Successful exploitation could allow attackers to execute arbitrary code or crash the service.
The host is installed with Apple Safari before 4.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a file://' Protocol Handler. Successful exploitation could allow attackers to crash the service.