• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

WebKit Preflight Request Same-Origin Policy Bypass Vulnerability

Bugtraq ID:	36997
Class:	Access Validation Error
CVE:	CVE-2009-2816
Remote:	Yes
Local:	No
Published:	Nov 11 2009 12:00AM
Updated:	Nov 19 2009 05:26PM
Credit:	Apple
Vulnerable:	WebKit Open Source Project WebKit 0 RedHat Fedora 12 RedHat Fedora 11 RedHat Fedora 10 Pardus Linux 2009 0 Google Chrome 3.0.195 32 Google Chrome 3.0.195 24 Google Chrome 3.0.195 121 Google Chrome 2.0.172 43 Google Chrome 2.0.172 37 Google Chrome 2.0.172 33 Google Chrome 2.0.172 31 Google Chrome 2.0.172 30 Google Chrome 1.0.154 61 Google Chrome 1.0.154.65 Google Chrome 1.0.154.64 Google Chrome 1.0.154.59 Google Chrome 1.0.154.55 Google Chrome 1.0.154.53 Google Chrome 1.0.154.48 Google Chrome 1.0.154.46 Google Chrome 1.0.154.36 Apple Safari For Windows 3.2.1 Apple Safari 4.0.3 for Windows Apple Safari 4.0.3 Apple Safari 4.0.2 for Windows Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 3.2.3 for Windows Apple Safari 3.2.3 Apple Safari 3.2.2 for Windows Apple Safari 3.1.2 for Windows Apple Safari 3.1.2 Apple Safari 3.1.1 for Windows Apple Safari 3.1.1 Apple Safari 3.0.4 Beta for Windows Apple Safari 3.0.3 Apple Safari 3.0.3 Apple Safari 3.0.2 Beta for Windows Apple Safari 3.0.2 Beta Apple Safari 3.0.1 Beta for Windows Apple Safari 3.0.1 Beta Apple Safari 4 for Windows Apple Safari 4 Beta Apple Safari 4 Beta Apple Safari 4 Apple Safari 3.2 Apple Safari 3.1 for Windows Apple Safari 3.1 Apple Safari 3 Beta for Windows Apple Safari 3 Beta
Not Vulnerable:	Google Chrome 3.0.195 33 Apple Safari 4.0.4 for Windows Apple Safari 4.0.4