WebKit Local Storage and Web SQL Database Directory Traversal Vulnerability

WebKit is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting this issue allows attackers to create database files in arbitrary locations; this may lead to a complete compromise of the affected computer or aid in other attacks.

NOTE: This issue was previously covered in BID 40620 (Apple Safari Prior to 5.0 and 4.1 Multiple Security Vulnerabilities) but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus