Apple Safari 'safari-extension://' URL Handling Directory Traversal Vulnerability

Bugtraq ID: 50163
Class: Input Validation Error
CVE: CVE-2011-3229
Remote: Yes
Local: No
Published: Oct 17 2011 12:00AM
Updated: Oct 17 2011 12:00AM
Credit: Aaron Sigel of vtty.com
Vulnerable: Apple Safari 5.0.6
Apple Safari 4.1.2 for Windows
Apple Safari 4.0.5 for Windows
Apple Safari 4.0.5
Apple Safari 4.0.4 for Windows
Apple Safari 4.0.4
Apple Safari 4.0.3 for Windows
Apple Safari 4.0.3
Apple Safari 4.0.2 for Windows
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 5.1 for Windows
Apple Safari 5.1
Apple Safari 5.0.6 for windows
Apple Safari 5.0.5 for Windows
Apple Safari 5.0.5
Apple Safari 5.0.4 for Windows
Apple Safari 5.0.4
Apple Safari 5.0.3 for Windows
Apple Safari 5.0.3
Apple Safari 5.0.2 for Windows
Apple Safari 5.0.2
Apple Safari 5.0.1 for Windows
Apple Safari 5.0.1
Apple Safari 5.0 for Windows
Apple Safari 5.0
Apple Safari 4.1.3 for Windows
Apple Safari 4.1.3
Apple Safari 4.1.2
Apple Safari 4.1.1
Apple Safari 4.1
Apple Safari 4
Not Vulnerable: Apple Safari 5.1.1 for Windows
Apple Safari 5.1.1


 

Privacy Statement
Copyright 2010, SecurityFocus