The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.
Max CVSS
7.8
EPSS Score
11.01%
Published
2005-12-22
Updated
2017-07-20
Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.
Max CVSS
7.8
EPSS Score
0.28%
Published
2005-11-29
Updated
2016-10-18
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
Max CVSS
5.0
EPSS Score
3.86%
Published
2005-09-21
Updated
2017-07-11
Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
Max CVSS
5.0
EPSS Score
39.32%
Published
2005-08-17
Updated
2008-09-05
Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.
Max CVSS
2.6
EPSS Score
1.36%
Published
2005-05-03
Updated
2016-10-18
Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Max CVSS
5.0
EPSS Score
1.15%
Published
2005-01-10
Updated
2017-07-11
6 vulnerabilities found