|
|
RETIRED: Apple Safari Prior to 3.1 Multiple Security Vulnerabilities
Apple Safari is prone to 12 security vulnerabilities. Attackers may exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, spoof secure websites, obtain sensitive information, and crash the affected application. Other attacks are also possible. These issues affect versions prior to Apple Safari 3.1 running on Apple Mac OS X 10.4.1 and 10.5.2, Microsoft Windows XP, and Windows Vista. NOTE: This BID is being retired. The following individual records have been created to fully document all the vulnerabilities that were described in this BID: 28356 Apple Safari CFNetwork Arbitrary Secure Website Spoofing Vulnerability 28321 Apple Safari Error Page Cross-Site Scripting Vulnerability 28328 Apple Safari Javascript URL Parsing Cross-Site Scripting Vulnerability 28330 Apple Safari WebCore 'document.domain' Cross-Site Scripting Vulnerability 28347 Apple Safari Web Inspector Remote Code Injection Vulnerability 28326 Apple Safari WebCore 'Kotoeri' Password Field Information Disclosure Vulnerability 28332 Apple Safari WebCore 'window.open()' Function Cross-Site Scripting Vulnerability 28335 Apple Safari WebCore Java Frame Navigation Cross-Site Scripting Vulnerability 28336 Apple Safari WebCore 'document.domain' Variant Cross-Site Scripting Vulnerability 28337 Apple Safari WebCore History Object Cross-Site Scripting Vulnerability 28338 Apple Safari WebKit JavaScript Regular Expression Handling Buffer Overflow Vulnerability 28342 Apple Safari WebKit Frame Method Cross-Site Scripting Vulnerability |
|
Privacy Statement |