MobileSafari
by Apple Inc.
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-0729 | 0.04 | — | 0.08 | Feb 12, 2008 | Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to… | |||
| CVE-2013-5152 | 0.00 | — | 0.00 | Sep 19, 2013 | Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site. | |||
| CVE-2013-5151 | 0.00 | — | 0.00 | Sep 19, 2013 | Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attacks by uploading a file. | |||
| CVE-2011-0158 | 0.00 | — | 0.01 | Mar 11, 2011 | MobileSafari in Apple iOS before 4.3 does not properly implement application launching through URL handlers, which allows remote attackers to cause a denial of service (persistent application crash) via crafted JavaScript code. |
- CVE-2008-0729Feb 12, 2008risk 0.04cvss —epss 0.08
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to…
- CVE-2013-5152Sep 19, 2013risk 0.00cvss —epss 0.00
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site.
- CVE-2013-5151Sep 19, 2013risk 0.00cvss —epss 0.00
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting (XSS) attacks by uploading a file.
- CVE-2011-0158Mar 11, 2011risk 0.00cvss —epss 0.01
MobileSafari in Apple iOS before 4.3 does not properly implement application launching through URL handlers, which allows remote attackers to cause a denial of service (persistent application crash) via crafted JavaScript code.