296,225
Total vulnerabilities in the database
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL.
| Software | From | Fixed in |
|---|---|---|
| apple / safari | 7.0.1 | 7.0.1.x |
| apple / safari | 6.0 | 6.0.x |
| apple / safari | - | 6.1.3.x |
| apple / safari | 6.0.3 | 6.0.3.x |
| apple / safari | 7.0.3 | 7.0.3.x |
| apple / safari | 6.1.2 | 6.1.2.x |
| apple / safari | 6.0.2 | 6.0.2.x |
| apple / safari | 6.1.1 | 6.1.1.x |
| apple / safari | 6.0.5 | 6.0.5.x |
| apple / safari | 7.0 | 7.0.x |
| apple / safari | 6.1 | 6.1.x |
| apple / safari | 6.0.4 | 6.0.4.x |
| apple / safari | 7.0.2 | 7.0.2.x |
| apple / safari | 6.0.1 | 6.0.1.x |