| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2401 | 4.3 |
CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializ
|
09-08-2022 - 13:46 | 25-06-2007 - 19:30 | |
| CVE-2007-2399 | 9.3 |
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.
|
09-08-2022 - 13:46 | 25-06-2007 - 19:30 | |
| CVE-2007-2400 | 4.3 |
Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhone before 1.0.1, allows remote attackers to bypass the JavaScript security model and modify pages outside of the security domain and conduct cross-site
|
09-08-2022 - 13:46 | 25-06-2007 - 19:30 | |
| CVE-2007-3742 | 4.3 |
WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-ali
|
29-07-2017 - 01:32 | 03-08-2007 - 20:17 | |
| CVE-2007-3944 | 9.3 |
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code vi
|
29-07-2017 - 01:32 | 23-07-2007 - 16:30 |