CVE-2010-0541
17.06.2010, 16:30
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
| Vendor | Product | Version |
|---|---|---|
| apple | mac_os_x | 10.5.8 |
| apple | mac_os_x | 10.6.0 |
| apple | mac_os_x | 10.6.1 |
| apple | mac_os_x | 10.6.2 |
| apple | mac_os_x | 10.6.3 |
| apple | mac_os_x_server | 10.5.8 |
| apple | mac_os_x_server | 10.6.0 |
| apple | mac_os_x_server | 10.6.1 |
| apple | mac_os_x_server | 10.6.2 |
| apple | mac_os_x_server | 10.6.3 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ruby1.8 |
| ||||||||||||||||||||||||
| ruby1.9 |
| ||||||||||||||||||||||||
| ruby1.9.1 |
|
References