WebKit Preflight Request Same-Origin Policy Bypass Vulnerability

Bugtraq ID: 36997
Class: Access Validation Error
CVE: CVE-2009-2816
Remote: Yes
Local: No
Published: Nov 11 2009 12:00AM
Updated: Apr 13 2015 10:10PM
Credit: Apple
Vulnerable: WebKit Open Source Project WebKit 0
Pardus Linux 2009 0
Google Chrome 3.0.195 .32
Google Chrome 3.0.195 .24
Google Chrome 3.0.195 .21
Google Chrome 2.0.172 .43
Google Chrome 2.0.172 .37
Google Chrome 2.0.172 .33
Google Chrome 2.0.172 .31
Google Chrome 2.0.172 .30
Google Chrome 1.0.154 .61
Google Chrome 1.0.154.65
Google Chrome 1.0.154.64
Google Chrome 1.0.154.59
Google Chrome 1.0.154.55
Google Chrome 1.0.154.53
Google Chrome 1.0.154.48
Google Chrome 1.0.154.46
Google Chrome 1.0.154.36
Apple Safari For Windows 3.2.1
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 3.2.3 for Windows
Apple Safari 3.2.3
Apple Safari 3.2.2 for Windows
Apple Safari 3.1.2 for Windows
Apple Safari 3.1.2
Apple Safari 3.1.1 for Windows
Apple Safari 3.1.1
Apple Safari 3.0.4 Beta for Windows
Apple Safari 3.0.3 Beta for Windows
Apple Safari 3.0.3 Beta
Apple Safari 3.0.2 Beta for Windows
Apple Safari 3.0.2 Beta
Apple Safari 3.0.1 Beta for Windows
Apple Safari 3.0.1 Beta
Apple Safari 4 for Windows
Apple Safari 4 Beta
Apple Safari 4
Apple Safari 3.2
Apple Safari 3.1 for Windows
Apple Safari 3.1
Apple Safari 3 Beta for Windows
Apple Safari 3 Beta
Apple iPod Touch 3.1.3
Apple iPod Touch 3.1.2
Apple iPod Touch 3.1.1
Apple iPod Touch 2.2.1
Apple iPod Touch 2.0.2
Apple iPod Touch 2.0.1
Apple iPod Touch 3.0
Apple iPod Touch 2.2
Apple iPod Touch 2.1
Apple iPod Touch 2.0
Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 2.2.1
Apple iPhone 2.0.2
Apple iPhone 2.0.1
Apple iPhone 3.1
Apple iPhone 3.0
Apple iPhone 2.2
Apple iPhone 2.1
Apple iPhone 2.0
Not Vulnerable: Google Chrome 3.0.195 .33
Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple iOS 4


 

Privacy Statement
Copyright 2010, SecurityFocus