| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-6284 | 5.0 |
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
|
13-02-2023 - 02:18 | 12-01-2008 - 02:46 | |
| CVE-2008-1588 | 4.3 |
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.
|
09-08-2022 - 13:46 | 14-07-2008 - 18:41 | |
| CVE-2008-1589 | 4.3 |
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web site
|
09-08-2022 - 13:46 | 14-07-2008 - 18:41 | |
| CVE-2008-1590 | 6.8 |
JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecifi
|
09-08-2022 - 13:46 | 14-07-2008 - 18:41 | |
| CVE-2008-2317 | 9.3 |
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the
|
09-08-2022 - 13:46 | 14-07-2008 - 18:41 | |
| CVE-2008-2303 | 10.0 |
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an
|
09-08-2022 - 13:46 | 14-07-2008 - 18:41 | |
| CVE-2006-2783 | 4.3 |
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the mi
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
| CVE-2008-1026 | 6.8 |
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition
|
11-10-2018 - 20:29 | 17-04-2008 - 19:05 | |
| CVE-2008-1767 | 7.5 |
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that trigg
|
29-09-2017 - 01:30 | 23-05-2008 - 15:32 | |
| CVE-2008-0177 | 7.8 |
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 p
|
29-09-2017 - 01:30 | 07-02-2008 - 22:00 | |
| CVE-2008-1025 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion.
|
08-08-2017 - 01:29 | 17-04-2008 - 19:05 | |
| CVE-2008-0050 | 5.0 |
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
|
08-08-2017 - 01:29 | 18-03-2008 - 22:44 | |
| CVE-2008-2307 | 9.3 |
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary co
|
15-03-2011 - 04:00 | 23-06-2008 - 20:41 |