Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2011-1344: Safari, IE hacked first at Pwn2Own

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.

CVE
#vulnerability#web#ios#android#mac#windows#apple#google#microsoft#auth#zero_day#chrome#webkit#firefox
CVE-2008-6566: Best Open Source Mac Software 2022

Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability.

CVE-2007-4367: Browser Problems? We can help you! | Help & FAQ | Opera

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."

CVE-2007-0803: Best Open Source Mac Software 2022

Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) "print floats" and (2) a missing null termination in the "rope constructor."

CVE-2006-0963: Best Open Source Mac Software 2022

Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp.

CVE-2005-4210: Browser Problems? We can help you! | Help & FAQ | Opera

Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title.

CVE-2005-2405: Opera Browser | Windows, Mac, Linux, Android, iOS | Opera

Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code.

CVE-2005-0456: Opera Browser | Windows, Mac, Linux, Android, iOS | Opera

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

CVE-2004-0473: Opera Browser | Windows, Mac, Linux, Android, iOS | Opera

Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option on Linux.