WebKit 'HTML5' Drag and Drop Cross-Origin Information Disclosure Vulnerability

Bugtraq ID: 46811
Class: Origin Validation Error
CVE: CVE-2011-0166
Remote: Yes
Local: No
Published: Mar 09 2011 12:00AM
Updated: Oct 12 2011 11:00PM
Credit: Michal Zalewski of Google Inc
Vulnerable: WebKit Open Source Project WebKit 1.2.5
WebKit Open Source Project WebKit 1.2.3
WebKit Open Source Project WebKit 1.2.2
WebKit Open Source Project WebKit r77705
WebKit Open Source Project WebKit r52833
WebKit Open Source Project WebKit r52401
WebKit Open Source Project WebKit r51295
WebKit Open Source Project WebKit r38566
WebKit Open Source Project WebKit 1.2.X
WebKit Open Source Project WebKit 1.2.2-1
WebKit Open Source Project WebKit 0
Apple Safari 5.0.3 for Windows
Apple Safari 5.0.3
Apple Safari 5.0.2 for Windows
Apple Safari 5.0.2
Apple Safari 5.0.1 for Windows
Apple Safari 5.0.1
Apple Safari 5.0 for Windows
Apple Safari 5.0
Apple iPod Touch 0
Apple iPhone 0
Apple iPad 0
Apple iOS 4.2.1
Apple iOS 4.0.2
Apple iOS 4.0.1
Apple iOS 4.3.5
Apple iOS 4.3.4
Apple iOS 4.3.3
Apple iOS 4.3.2
Apple iOS 4.3.1
Apple iOS 4.3
Apple iOS 4.2.9
Apple iOS 4.2.8
Apple iOS 4.2.7
Apple iOS 4.2.6
Apple iOS 4.2.5
Apple iOS 4.2.10
Apple iOS 4.2 beta
Apple iOS 4.2
Apple iOS 4.1
Apple iOS 4
Not Vulnerable: Apple Safari 5.0.4 for Windows
Apple Safari 5.0.4
Apple iOS 5


 

Privacy Statement
Copyright 2010, SecurityFocus