This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apple:safari
Detail
VendorAppleFirst view 2005-08-19
ProductSafariLast view2017-11-12
VersionTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apple:safari

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32017-11-12CVE-2017-13790NetworkMediumNone Requ...
4.32017-11-12CVE-2017-13789NetworkMediumNone Requ...
4.32017-10-22CVE-2017-7144NetworkMediumNone Requ...
52017-10-22CVE-2017-7142NetworkLowNone Requ...
6.82017-10-22CVE-2017-7120NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82017-10-22CVE-2017-7117NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7111NetworkMediumNone Requ...
4.32017-10-22CVE-2017-7109NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7107NetworkMediumNone Requ...
4.32017-10-22CVE-2017-7106NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7104NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7102NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7100NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7099NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7098NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7096NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7095NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7094NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7093NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7092NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7091NetworkMediumNone Requ...
52017-10-22CVE-2017-7090NetworkLowNone Requ...
4.32017-10-22CVE-2017-7089NetworkMediumNone Requ...
6.82017-10-22CVE-2017-7087NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
45% (288)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (79)CWE-399Resource Management Errors
9% (61)CWE-200Information Exposure
7% (46)CWE-20Improper Input Validation
6% (44)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
Hide | Show 18 More...
%idName
5% (32)CWE-264Permissions, Privileges, and Access Controls
2% (16)CWE-94Failure to Control Generation of Code ('Code Injection')
2% (15)CWE-189Numeric Errors
1% (12)CWE-310Cryptographic Issues
1% (10)CWE-284Access Control (Authorization) Issues
0% (5)CWE-287Improper Authentication
0% (4)CWE-254Security Features
0% (3)CWE-19Data Handling
0% (3)CWE-16Configuration
0% (2)CWE-362Race Condition
0% (2)CWE-255Credentials Management
0% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (2)CWE-17Code
0% (1)CWE-601URL Redirection to Untrusted Site ('Open Redirect')
0% (1)CWE-352Cross-Site Request Forgery (CSRF)
0% (1)CWE-275Permission Issues
0% (1)CWE-134Uncontrolled Format String
0% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:24080WebKit vulnerability in Apple Safari before 6.0 does not properly handle drag...
oval:org.mitre.oval:def:23787WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:6810WebKit Right-to-Left Displayed Text Handling Memory Corruption Vulnerability
oval:org.mitre.oval:def:29329AIX Logjam Vulnerability
oval:org.mitre.oval:def:29478HP-UX OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam))
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:24187WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:24264WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:6656WebKit Malformed URL Handling Cross-site Scripting Vulnerability
oval:org.mitre.oval:def:9484WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS...
oval:org.mitre.oval:def:13862USN-822-1 -- kde4libs, kdelibs vulnerabilities
oval:org.mitre.oval:def:22057ELSA-2009:1127: kdelibs security update (Critical)
oval:org.mitre.oval:def:29301RHSA-2009:1127 -- kdelibs security update (Critical)
oval:org.mitre.oval:def:7403WebKit HTML Elements Callback Use-After-Free Error Remote Code Execution Vuln...
oval:org.mitre.oval:def:24365WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:7606WebKit Hover Event Handling Remote Code Execution Vulnerability
oval:org.mitre.oval:def:12160Denial of service attack (during processing of editing commands) in WebKit in...
oval:org.mitre.oval:def:14098WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and ea...
oval:org.mitre.oval:def:24246WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:24147WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:24281WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:23935WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...
oval:org.mitre.oval:def:13253USN-1016-1 -- libxml2 vulnerability
oval:org.mitre.oval:def:12709DSA-2128-1 libxml2 -- invalid memory access
oval:org.mitre.oval:def:12148Vulnerability in libxml2 in Google Chrome before 7.0.517.44
oval:org.mitre.oval:def:24247WebKit vulnerability in Apple Safari before 6.0 allows remote attackers to ex...

SAINT Exploits

DescriptionLink
QuickTime RTSP Content-Type header buffer overflowMore info here
Safari WebKit floating point number buffer overflowMore info here
Apple Safari libxslt File CreateMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
77621Google Chrome WebKit Cache Objects Image Handling Browsing History Disclosure
77618Apple Safari WebKit Cache Objects Image Handling Browsing History Disclosure
76391Apple Safari WebKit Private Browsing Mode Cookie Block Bypass
76390Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E...
76389Apple Safari file:// URL Handling Remote Code Execution
Hide | Show 20 More...
idDescription
76388Apple Safari safari-extension:// URL Handling Traversal Remote Code Execution
76353Apple iOS WebKit Inactive DOM Window Handling XSS
75255Apple Safari WebKit HTML5 Drop and Drag Content Dragging Remote Information D...
75254Apple Safari / iOS WebKit Attr.style Accessor Parsing Same Origin Policy Bypa...
75253Apple Safari / iOS WebKit HTTP Basic Authentication Authorization HTTP Header...
75013Apple Safari / iOS WebKit Cached Resources Cache Poisoning Remote DoS
74451Apple Safari HTTPS Session HTTP Set-Cookie Header HSTS includeSubDomains Weak...
74019Apple Safari WebKit RSS Feed URL Handling Arbitrary File Disclosure
74018Apple Safari WebKit Cross-origin Username URL Handling XSS
74017Apple Safari WebKit libxslt Unspecified Arbitrary File Creation
74016Apple Safari WebKit Unspecified Memory Corruption (2011-1797)
74015Apple Safari WebKit Unspecified Memory Corruption (2011-1462)
74014Apple Safari WebKit Unspecified Memory Corruption (2011-1457)
74013Apple Safari WebKit Unspecified Memory Corruption (2011-1453)
74012Apple Safari WebKit Unspecified Memory Corruption (2011-1288)
74011Apple Safari WebKit Unspecified Memory Corruption (2011-0255)
74010Apple Safari WebKit Unspecified Memory Corruption (2011-0254)
74009Apple Safari WebKit Unspecified Memory Corruption (2011-0253)
74008Apple Safari WebKit SVG Tag animVal Property Parsing Memory Corruption
74007Apple Safari WebKit Unspecified Memory Corruption (2011-0238)

ExploitDB Exploits

idDescription
28081Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow
22406Konqueror 4.7.3 Memory Corruption
18446Webkit normalize bug for android 2.2 (CVE-2010-1759)
17986Apple Safari file:// Arbitrary Code Execution
17575Safari 5.0.5 SVG Remote Code Execution Exploit (DEP bypass)
Hide | Show 2 More...
idDescription
17567Safari SVG DOM processing PoC
9160Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-11-19Name : Fedora Update for kdelibs FEDORA-2012-17388
File : nvt/gb_fedora_2012_17388_kdelibs_fc16.nasl
2012-11-02Name : Apple Safari Multiple Vulnerabilities (APPLE-SA-2012-09-19-3)
File : nvt/gb_apple_safari_mult_vuln_nov12_macosx.nasl
2012-10-26Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-03Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-10-01Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
Hide | Show 20 More...
idDescription
2012-09-27Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-09-17Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-08-09Name : Ubuntu Update for webkit USN-1524-1
File : nvt/gb_ubuntu_USN_1524_1.nasl
2012-08-01Name : Apple Safari Multiple Vulnerabilities - Aug 2012 (Windows)
File : nvt/gb_apple_safari_mult_vuln_aug12_win.nasl
2012-07-30Name : CentOS Update for libxml2 CESA-2012:0016 centos4
File : nvt/gb_CESA-2012_0016_libxml2_centos4.nasl
2012-07-30Name : CentOS Update for libxml2 CESA-2012:0017 centos5
File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl
2012-07-30Name : Apple Safari Multiple Vulnerabilities - July 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_jul12_macosx.nasl
2012-07-13Name : VMSA-2012-0012 VMware ESXi update addresses several security issues.
File : nvt/gb_VMSA-2012-0012.nasl
2012-07-09Name : RedHat Update for libxml2 RHSA-2011:1749-03
File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl
2012-06-05Name : RedHat Update for webkitgtk RHSA-2011:0177-01
File : nvt/gb_RHSA-2011_0177-01_webkitgtk.nasl
2012-05-24Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl
2012-05-18Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-05-18Name : Apple Safari Webkit Multiple Vulnerabilities - May 12 (Mac OS X)
File : nvt/gb_apple_safari_webkit_mult_vuln_macosx_may12.nasl
2012-05-18Name : Apple Safari Webkit Multiple Vulnerabilities - May 12 (Windows)
File : nvt/gb_apple_safari_webkit_mult_vuln_win_may12.nasl
2012-04-19Name : Opera Web Browser Select Object Denial Of Service Vulnerability (Mac OS X)
File : nvt/gb_opera_select_dos_vuln_macosx.nasl
2012-04-02Name : Fedora Update for kdelibs FEDORA-2011-16151
File : nvt/gb_fedora_2011_16151_kdelibs_fc16.nasl
2012-03-29Name : Fedora Update for kdelibs FEDORA-2012-3483
File : nvt/gb_fedora_2012_3483_kdelibs_fc15.nasl
2012-03-20Name : Apple iTunes Multiple Vulnerabilities - Mar12 (Win)
File : nvt/gb_apple_itunes_mult_vuln_mar12_win.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_macosx.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Win)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-A-0158Multiple Vulnerabilities in Oracle Java SE
Severity : Category I - VMSKEY : V0061089
2014-B-0083Multiple Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0052903
2014-B-0048Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0050015
Hide | Show 4 More...
idDescription
2014-B-0024Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0046157
2013-A-0220Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042380
2012-A-0153Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-A-0073Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0032171

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2018-03-27Apple Safari Webkit button first-letter style rendering code execution attempt
RuleID : 45735 - Type : BROWSER-WEBKIT - Revision : 1
2018-03-27Apple Safari Webkit button first-letter style rendering code execution attempt
RuleID : 45734 - Type : BROWSER-WEBKIT - Revision : 1
2018-03-27Apple Safari Webkit button first-letter style rendering code execution attempt
RuleID : 45733 - Type : BROWSER-WEBKIT - Revision : 1
2018-03-27Apple Safari Webkit button first-letter style rendering code execution attempt
RuleID : 45732 - Type : BROWSER-WEBKIT - Revision : 1
2017-07-25Apple Safari Webkit WebCore CSSSelector denial of service attempt
RuleID : 43298 - Type : BROWSER-WEBKIT - Revision : 2
Hide | Show 20 More...
DateDescription
2017-03-30multiple browsers content security policy bypass attempt
RuleID : 42112 - Type : BROWSER-OTHER - Revision : 2
2017-04-12SSL/TLS weak RC4 cipher suite use attempt
RuleID : 41907 - Type : POLICY-OTHER - Revision : 3
2017-04-12Apple Safari FTP URL cross-domain restriction bypass attempt
RuleID : 41855 - Type : BROWSER-WEBKIT - Revision : 1
2017-04-12Apple Safari FTP URL cross-domain restriction bypass attempt
RuleID : 41854 - Type : BROWSER-WEBKIT - Revision : 1
2017-04-06SSLv3 Client Hello attempt
RuleID : 41807 - Type : POLICY-OTHER - Revision : 2
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37916 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37915 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37914 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37913 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37912 - Type : POLICY-OTHER - Revision : 3
2016-03-14SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37026 - Type : POLICY-OTHER - Revision : 4
2016-03-14SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37025 - Type : POLICY-OTHER - Revision : 4
2015-08-04Apple Safari URI spoofing attempt
RuleID : 35045 - Type : BROWSER-WEBKIT - Revision : 2
2015-08-04Apple Safari URI spoofing attempt
RuleID : 35044 - Type : BROWSER-WEBKIT - Revision : 2
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33806 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33805 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33804 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33803 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33802 - Type : SERVER-OTHER - Revision : 5
2015-04-14SSL request for export grade ciphersuite attempt
RuleID : 33801 - Type : SERVER-OTHER - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-03-29Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_1ce95bc7327811e8b52700012e582166.nasl - Type : ACT_GATHER_INFO
2017-12-04Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO
2017-11-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-1268.nasl - Type : ACT_GATHER_INFO
2017-11-07Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-2933-1.nasl - Type : ACT_GATHER_INFO
2017-11-02Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari11_1.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-10-24Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3460-1.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201710-14.nasl - Type : ACT_GATHER_INFO
2017-10-03Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13.nasl - Type : ACT_GATHER_INFO
2017-09-27Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_7.nasl - Type : ACT_GATHER_INFO
2017-09-27Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_7_banner.nasl - Type : ACT_GATHER_INFO
2017-09-22Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_11.nasl - Type : ACT_GATHER_INFO
2017-09-20Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari11_0.nasl - Type : ACT_GATHER_INFO
2017-09-18Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201709-03.nasl - Type : ACT_GATHER_INFO
2017-08-11Name : The remote Fedora host is missing a security update.
File : fedora_2017-9d572cc64a.nasl - Type : ACT_GATHER_INFO
2017-08-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3376-1.nasl - Type : ACT_GATHER_INFO
2017-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2017-73d6a0dfbb.nasl - Type : ACT_GATHER_INFO
2017-07-28Name : The remote Fedora host is missing a security update.
File : fedora_2017-24bddb96b5.nasl - Type : ACT_GATHER_INFO
2017-07-27Name : The remote Fedora host is missing a security update.
File : fedora_2017-37f68e3534.nasl - Type : ACT_GATHER_INFO
2017-07-26Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_0f66b901715c11e7ad1fbcaec565249c.nasl - Type : ACT_GATHER_INFO
2017-07-25Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_6_2.nasl - Type : ACT_GATHER_INFO
2017-07-25Name : An application running on the remote host is affected by multiple vulnerabili...
File : itunes_12_6_2_banner.nasl - Type : ACT_GATHER_INFO
2017-07-25Name : An application installed on the remote host is affected by multiple vulnerabi...
File : macos_itunes_12_6_2.nasl - Type : ACT_GATHER_INFO
2017-07-25Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2017-003.nasl - Type : ACT_GATHER_INFO
2017-07-24Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari10_1_2.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-772bf90b03.nasl - Type : ACT_GATHER_INFO