The XSLT implementation in WebKit in Apple Safari prior to 4.0, iPhone OS 1.0 up to and including 2.2.1, and iPhone OS for iPod touch 1.1 up to and including 2.2.1 does not properly handle redirects, which allows remote malicious users to read XML content from arbitrary web pages via a crafted document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 3.0.4b |
||
apple safari 2.0.3 |
||
apple safari 3.0.4 |
||
apple safari 3.0.1 |
||
apple safari 2.0.1 |
||
apple safari 2.0.2 |
||
apple safari 3.0.0 |
||
apple safari 3.0.0b |
||
apple safari 3.1.0 |
||
apple safari 3.0.3b |
||
apple safari 3.1.2 |
||
apple safari 3.1.0b |
||
apple safari 3.0.3 |
||
apple safari 3.0.2 |
||
apple safari 2.0.4 |
||
apple safari 2.0 |
||
apple safari 3.2.0 |
||
apple safari 3.1.1 |
||
apple safari 3.0.2b |
||
apple safari 3.0.1b |
||
apple safari 2.0.0 |
||
apple safari |
||
apple safari 3.2.1 |
||
apple safari 3.0 |
||
apple iphone_os 1.0.2 |
||
apple iphone_os 2.2 |
||
apple iphone_os 1.1.1 |
||
apple iphone_os 2.0.0 |
||
apple iphone_os 1.1.2 |
||
apple iphone_os 1.1.3 |
||
apple iphone_os 1.1.0 |
||
apple iphone_os 1.0.1 |
||
apple iphone_os 2.1 |
||
apple iphone_os 2.2.1 |
||
apple iphone_os 2.1.1 |
||
apple iphone_os 1.0.0 |
||
apple iphone_os 2.0 |
||
apple iphone_os 1.1.5 |
||
apple iphone_os 1.1.4 |
||
apple iphone_os 2.0.1 |
||
apple iphone_os 2.0.2 |
||
apple ipod_touch |
||
apple iphone_os |