CVE-2010-1395
11.06.2010, 18:00
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issue."
| Vendor | Product | Version |
|---|---|---|
| apple | safari | 𝑥 ≤ 4.0.5 |
| apple | safari | 4.0 |
| apple | safari | 4.0.0b:b |
| apple | safari | 4.0.1 |
| apple | safari | 4.0.2 |
| apple | safari | 4.0.3 |
| apple | safari | 4.0.4 |
| apple | webkit | * |
| apple | safari | 𝑥 ≤ 4.0.5 |
| apple | safari | 4.0 |
| apple | safari | 4.0.0b:b |
| apple | safari | 4.0.1 |
| apple | safari | 4.0.2 |
| apple | safari | 4.0.3 |
| apple | safari | 4.0.4 |
| apple | webkit | * |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| chromium-browser |
| ||||||||||||||||
| qt4-x11 |
| ||||||||||||||||
| webkit |
|
References