AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote malicious users to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 1.2 |
||
omnigroup omniweb 5.1 |
||
hmdt shiira 0.93 |