|
292901
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3697
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292902
|
- |
|
apple
|
safari
|
CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that lever…
|
CWE-20
Improper Input Validation
|
CVE-2012-3696
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292903
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the han…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3695
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292904
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web sit…
|
CWE-200
Information Exposure
|
CVE-2012-3694
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292905
|
- |
|
apple
|
safari
|
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of…
|
NVD-CWE-Other
|
CVE-2012-3693
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292906
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3691
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292907
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3690
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292908
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3689
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292909
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a c…
|
CWE-200
Information Exposure
|
CVE-2012-3650
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292910
|
- |
|
isc
debian
canonical
|
dhcp
debian_linux
ubuntu_linux
|
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-3954
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
