WebKit Option Element 'ContentEditable' Attribute Remote Code Execution Vulnerability

Bugtraq ID: 40647
Class: Design Error
CVE: CVE-2010-1396
Remote: Yes
Local: No
Published: Jun 07 2010 12:00AM
Updated: Mar 02 2011 03:48PM
Credit: wushi of team509
Vulnerable: WebKit Open Source Project WebKit 1.2.3
WebKit Open Source Project WebKit 1.2.2
WebKit Open Source Project WebKit r52833
WebKit Open Source Project WebKit r52401
WebKit Open Source Project WebKit r51295
WebKit Open Source Project WebKit r38566
WebKit Open Source Project WebKit 1.2.2-1
WebKit Open Source Project WebKit 0
Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 amd64
Pardus Linux 2009 0
MandrakeSoft Linux Mandrake 2010.1 x86_64
MandrakeSoft Linux Mandrake 2010.1
Apple Safari 4.0.5 for Windows
Apple Safari 4.0.5
Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 4 for Windows
Apple Safari 4 Beta
Apple Safari 4
Apple iTunes 9.0.2
Apple iTunes 9.0.1 .8
Apple iTunes 9.0.1
Apple iTunes 9.0
Apple iTunes 9.1
Apple iTunes 8.2
Apple iTunes 8.1
Apple iTunes 8.0.2.20
Apple iTunes 8.0
Apple iPod Touch 3.1.3
Apple iPod Touch 3.1.2
Apple iPod Touch 3.1.1
Apple iPod Touch 2.2.1
Apple iPod Touch 2.0.2
Apple iPod Touch 2.0.1
Apple iPod Touch 3.0
Apple iPod Touch 2.2
Apple iPod Touch 2.1
Apple iPod Touch 2.0
Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 2.2.1
Apple iPhone 2.0.2
Apple iPhone 2.0.1
Apple iPhone 3.1
Apple iPhone 3.0
Apple iPhone 2.2
Apple iPhone 2.1
Apple iPhone 2.0
Not Vulnerable: WebKit Open Source Project WebKit 1.2.5
Apple Safari 5.0 for Windows
Apple Safari 5.0
Apple Safari 4.1
Apple iTunes 9.2
Apple iOS 4


 

Privacy Statement
Copyright 2010, SecurityFocus