CVE-2004-1314 (GCVE-0-2004-1314)
Vulnerability from – Published: 2004-12-22 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13252",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13252/"
},
{
"name": "APPLE-SA-2005-01-25",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"name": "web-browser-popup-spoofing(18397)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the \"window injection\" vulnerability, a different vulnerability than CVE-2004-1122."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13252",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13252/"
},
{
"name": "APPLE-SA-2005-01-25",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"name": "web-browser-popup-spoofing(18397)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the \"window injection\" vulnerability, a different vulnerability than CVE-2004-1122."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13252",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13252/"
},
{
"name": "APPLE-SA-2005-01-25",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/",
"refsource": "MISC",
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"name": "http://secunia.com/secunia_research/2004-13/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"name": "web-browser-popup-spoofing(18397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1314",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-21T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1199 (GCVE-0-2004-1199)
Vulnerability from – Published: 2004-12-15 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:11.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "web-browser-array-dos(18282)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18282"
},
{
"name": "20041125 More Browser flaws on MACOSX: nested array sort() loop Stack overflow exception",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029458.html"
},
{
"name": "11759",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11759"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "web-browser-array-dos(18282)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18282"
},
{
"name": "20041125 More Browser flaws on MACOSX: nested array sort() loop Stack overflow exception",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029458.html"
},
{
"name": "11759",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11759"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "web-browser-array-dos(18282)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18282"
},
{
"name": "20041125 More Browser flaws on MACOSX: nested array sort() loop Stack overflow exception",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029458.html"
},
{
"name": "11759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11759"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1199",
"datePublished": "2004-12-15T05:00:00",
"dateReserved": "2004-12-14T00:00:00",
"dateUpdated": "2024-08-08T00:46:11.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1122 (GCVE-0-2004-1122)
Vulnerability from – Published: 2004-12-10 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-10/"
},
{
"name": "12892",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12892"
},
{
"name": "APPLE-SA-2004-12-02",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/multiple_browsers_dialog_box_spoofing_test/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the \"Dialog Box Spoofing Vulnerability,\" a different vulnerability than CVE-2004-1314."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-12-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-10/"
},
{
"name": "12892",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12892"
},
{
"name": "APPLE-SA-2004-12-02",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/multiple_browsers_dialog_box_spoofing_test/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the \"Dialog Box Spoofing Vulnerability,\" a different vulnerability than CVE-2004-1314."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2004-10/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-10/"
},
{
"name": "12892",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12892"
},
{
"name": "APPLE-SA-2004-12-02",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
},
{
"name": "http://secunia.com/multiple_browsers_dialog_box_spoofing_test/",
"refsource": "MISC",
"url": "http://secunia.com/multiple_browsers_dialog_box_spoofing_test/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1122",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-12-01T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1121 (GCVE-0-2004-1121)
Vulnerability from – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#925430",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/925430"
},
{
"name": "11573",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11573"
},
{
"name": "13047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13047/"
},
{
"name": "ie-table-status-spoofing(17909)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17909"
},
{
"name": "APPLE-SA-2004-12-02",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#925430",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/925430"
},
{
"name": "11573",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11573"
},
{
"name": "13047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13047/"
},
{
"name": "ie-table-status-spoofing(17909)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17909"
},
{
"name": "APPLE-SA-2004-12-02",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#925430",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/925430"
},
{
"name": "11573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11573"
},
{
"name": "13047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13047/"
},
{
"name": "ie-table-status-spoofing(17909)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17909"
},
{
"name": "APPLE-SA-2004-12-02",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1121",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2004-12-01T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0720 (GCVE-0-2004-0720)
Vulnerability from – Published: 2004-07-23 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http-frame-spoof(1598)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1598"
},
{
"name": "11978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11978"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "http-frame-spoof(1598)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1598"
},
{
"name": "11978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11978"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http-frame-spoof(1598)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1598"
},
{
"name": "11978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11978"
},
{
"name": "http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/",
"refsource": "MISC",
"url": "http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0720",
"datePublished": "2004-07-23T04:00:00",
"dateReserved": "2004-07-22T00:00:00",
"dateUpdated": "2024-08-08T00:24:27.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4504 (GCVE-0-2005-4504)
Vulnerability from – Published: 2005-12-22 23:00 – Updated: 2024-08-07 23:46
VLAI?
Summary
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18220"
},
{
"name": "macos-khtmlparser-dos(23819)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23819"
},
{
"name": "ADV-2005-3058",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3058"
},
{
"name": "19064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19064"
},
{
"name": "16907",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16907"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security-protocols.com/advisory/sp-x22-advisory.txt"
},
{
"name": "ADV-2006-0791",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"name": "16045",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16045"
},
{
"name": "APPLE-SA-2006-03-01",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"name": "VU#351217",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/351217"
},
{
"name": "TA06-062A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/jarticle.html?artnum=303382-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18220"
},
{
"name": "macos-khtmlparser-dos(23819)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23819"
},
{
"name": "ADV-2005-3058",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3058"
},
{
"name": "19064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19064"
},
{
"name": "16907",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16907"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security-protocols.com/advisory/sp-x22-advisory.txt"
},
{
"name": "ADV-2006-0791",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"name": "16045",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16045"
},
{
"name": "APPLE-SA-2006-03-01",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"name": "VU#351217",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/351217"
},
{
"name": "TA06-062A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/jarticle.html?artnum=303382-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4504",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18220"
},
{
"name": "macos-khtmlparser-dos(23819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23819"
},
{
"name": "ADV-2005-3058",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3058"
},
{
"name": "19064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19064"
},
{
"name": "16907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16907"
},
{
"name": "http://security-protocols.com/advisory/sp-x22-advisory.txt",
"refsource": "MISC",
"url": "http://security-protocols.com/advisory/sp-x22-advisory.txt"
},
{
"name": "ADV-2006-0791",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"name": "16045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16045"
},
{
"name": "APPLE-SA-2006-03-01",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"name": "VU#351217",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/351217"
},
{
"name": "TA06-062A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=303382",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"name": "http://docs.info.apple.com/jarticle.html?artnum=303382-en",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/jarticle.html?artnum=303382-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4504",
"datePublished": "2005-12-22T23:00:00",
"dateReserved": "2005-12-22T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3897 (GCVE-0-2005-3897)
Vulnerability from – Published: 2005-11-29 21:00 – Updated: 2024-08-07 23:24
VLAI?
Summary
Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051123 Re: IE BUG, Mozilla DOS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113278010907401\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051123 Re: IE BUG, Mozilla DOS?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113278010907401\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051123 Re: IE BUG, Mozilla DOS?",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113278010907401\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3897",
"datePublished": "2005-11-29T21:00:00",
"dateReserved": "2005-11-29T00:00:00",
"dateUpdated": "2024-08-07T23:24:36.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3018 (GCVE-0-2005-3018)
Vulnerability from – Published: 2005-09-21 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "safari-data-uri-dos(22331)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
},
{
"name": "20050917 Possible memory corruption problems in Apple Safari",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
},
{
"name": "16875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16875/"
},
{
"name": "14868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14868"
},
{
"name": "19569",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19569"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "safari-data-uri-dos(22331)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
},
{
"name": "20050917 Possible memory corruption problems in Apple Safari",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
},
{
"name": "16875",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16875/"
},
{
"name": "14868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14868"
},
{
"name": "19569",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19569"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "safari-data-uri-dos(22331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22331"
},
{
"name": "20050917 Possible memory corruption problems in Apple Safari",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112715234411672\u0026w=2"
},
{
"name": "16875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16875/"
},
{
"name": "14868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14868"
},
{
"name": "19569",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19569"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3018",
"datePublished": "2005-09-21T04:00:00",
"dateReserved": "2005-09-21T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2272 (GCVE-0-2005-2272)
Vulnerability from – Published: 2005-07-13 04:00 – Updated: 2024-08-07 22:22
VLAI?
Summary
Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:48.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17813"
},
{
"name": "ADV-2005-2659",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2659"
},
{
"name": "17397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/17397"
},
{
"name": "1015294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015294"
},
{
"name": "APPLE-SA-2005-11-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=302847"
},
{
"name": "15474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15474"
},
{
"name": "mozilla-javascript-dialog-box-spoofing(21070)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21070"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2005-12/advisory/"
},
{
"name": "14011",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the \"Dialog Origin Spoofing Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17813"
},
{
"name": "ADV-2005-2659",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2659"
},
{
"name": "17397",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/17397"
},
{
"name": "1015294",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015294"
},
{
"name": "APPLE-SA-2005-11-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://docs.info.apple.com/article.html?artnum=302847"
},
{
"name": "15474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15474"
},
{
"name": "mozilla-javascript-dialog-box-spoofing(21070)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21070"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2005-12/advisory/"
},
{
"name": "14011",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the \"Dialog Origin Spoofing Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17813"
},
{
"name": "ADV-2005-2659",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2659"
},
{
"name": "17397",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/17397"
},
{
"name": "1015294",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015294"
},
{
"name": "APPLE-SA-2005-11-29",
"refsource": "APPLE",
"url": "http://docs.info.apple.com/article.html?artnum=302847"
},
{
"name": "15474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15474"
},
{
"name": "mozilla-javascript-dialog-box-spoofing(21070)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21070"
},
{
"name": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/",
"refsource": "MISC",
"url": "http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/"
},
{
"name": "http://secunia.com/secunia_research/2005-12/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-12/advisory/"
},
{
"name": "14011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2272",
"datePublished": "2005-07-13T04:00:00",
"dateReserved": "2005-07-13T00:00:00",
"dateUpdated": "2024-08-07T22:22:48.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1385 (GCVE-0-2005-1385)
Vulnerability from – Published: 2005-05-02 04:00 – Updated: 2024-08-07 21:51
VLAI?
Summary
Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:51:48.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16006",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/16006"
},
{
"name": "20050428 Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111473570624498\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111479299730011\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111479346119272\u0026w=2"
},
{
"name": "1013835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013835"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16006",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/16006"
},
{
"name": "20050428 Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111473570624498\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111479299730011\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111479346119272\u0026w=2"
},
{
"name": "1013835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013835"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16006",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16006"
},
{
"name": "20050428 Safari HTTPS Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111473570624498\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111479299730011\u0026w=2"
},
{
"name": "20050429 Re: Safari HTTPS Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111479346119272\u0026w=2"
},
{
"name": "1013835",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013835"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1385",
"datePublished": "2005-05-02T04:00:00",
"dateReserved": "2005-05-02T00:00:00",
"dateUpdated": "2024-08-07T21:51:48.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 281 - 290 organizations in total 1584