WebKit Empty Hostname URI Handling Cross Site Scripting Vulnerability

Bugtraq ID: 40717
Class: Input Validation Error
CVE: CVE-2010-0544
Remote: Yes
Local: No
Published: Jun 07 2010 12:00AM
Updated: Mar 19 2015 08:39AM
Credit: Michal Zalewski of Google, Inc.
Vulnerable: WebKit Open Source Project WebKit r52833
WebKit Open Source Project WebKit r52401
WebKit Open Source Project WebKit r51295
WebKit Open Source Project WebKit r38566
WebKit Open Source Project WebKit 0
Apple Safari 4.0.5 for Windows
Apple Safari 4.0.5
Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 4 for Windows
Apple Safari 4 Beta
Apple Safari 4
Apple iTunes 9.0.2
Apple iTunes 9.0.1 .8
Apple iTunes 9.0.1
Apple iTunes 9.0
Apple iTunes 9.1
Apple iTunes 8.2
Apple iTunes 8.1
Apple iTunes 8.0.2.20
Apple iTunes 8.0
Apple iPod Touch 3.1.3
Apple iPod Touch 3.1.2
Apple iPod Touch 3.1.1
Apple iPod Touch 2.2.1
Apple iPod Touch 2.0.2
Apple iPod Touch 2.0.1
Apple iPod Touch 3.0
Apple iPod Touch 2.2
Apple iPod Touch 2.1
Apple iPod Touch 2.0
Apple iPhone 3.1.3
Apple iPhone 3.1.2
Apple iPhone 3.0.1
Apple iPhone 2.2.1
Apple iPhone 2.0.2
Apple iPhone 2.0.1
Apple iPhone 3.1
Apple iPhone 3.0
Apple iPhone 2.2
Apple iPhone 2.1
Apple iPhone 2.0
Apple iPad 3.2.1
Apple iPad 3.2.2
Apple iPad 3.2
Apple iPad 0
Apple iOS 4.0.2
Apple iOS 4.0.1
Apple iOS 3.2.2
Apple iOS 3.2.1
Apple iOS 4.2 beta
Apple iOS 4.1
Apple iOS 4
Apple iOS 3.2
Not Vulnerable: Apple Safari 5.0 for Windows
Apple Safari 5.0
Apple Safari 4.1
Apple iTunes 9.2
Apple iOS 4.2
Apple iOS 4


 

Privacy Statement
Copyright 2010, SecurityFocus