CVE search results

321 – 330 of 356 results

Detailed view

Sort by:

CVE-2009-2061

Low priority

Some fixes available 12 of 22

Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT...

8 affected packages

firefox, kde4libs, kdelibs, qt4-x11, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—
kde4libs	—	—	—	—
kdelibs	—	—	—	—
qt4-x11	—	—	—	—
seamonkey	—	—	—	—
webkit	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-1718

Low priority

Ignored

WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to obtain sensitive information via vectors involving drag events and the dragging of content over a crafted web page.

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1715

Low priority

Ignored

Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to script...

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1714

Low priority

Ignored

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1710

Low priority

Ignored

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of (1) the host name, (2) security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3...

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1709

Medium priority

Some fixes available 1 of 2

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application...

4 affected packages

kde4libs, kdegraphics, qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kde4libs	—	—	—	—
kdegraphics	—	—	—	—
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1703

Low priority

Ignored

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document.

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1702

Low priority

Ignored

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors...

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

CVE-2009-1701

Medium priority

Ignored

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code...

2 affected packages

webkit, qt4-x11

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
webkit	—	—	—	—
qt4-x11	—	—	—	—

CVE-2009-1700

Low priority

Ignored

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from...

2 affected packages

qt4-x11, webkit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qt4-x11	—	—	—	—
webkit	—	—	—	—

Export to JSON

Results by page:

Search CVE reports