Matthieu Bonetti

Researcher fromVUPEN Vulnerability Research Team
#19422of 53,635
13.6Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2010-3088
9.3
2010-06-11
Apple · Macos X · CVE-2010-1392
**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows Apple Safari versions prior to 4.1 on Mac OS X 10.4 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to HTML buttons and the first-letter CSS style. This can lead to an application crash. **Recommendations** For Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows, update to version 5.0 or later. For Apple Safari versions prior to 4.1 on Mac OS X 10.4, update to version 4.1 or later.
PT-2010-3089
4.3
2010-06-11
Apple · Macos X · CVE-2010-1393
**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows, and prior to 4.1 on Mac OS X 10.4 **Description** The issue allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL, due to a problem in the Cascading Style Sheets (CSS) implementation in WebKit. **Recommendations** For Apple Safari versions prior to 5.0 on Mac OS X 10.5 through 10.6 and Windows, and prior to 4.1 on Mac OS X 10.4, update to version 5.0 or later on Mac OS X 10.5 through 10.6 and Windows, and to version 4.1 or later on Mac OS X 10.4.