Published: 10/06/2009 Updated: 17/02/2011

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

WebKit in Apple Safari prior to 4.0 allows user-assisted remote malicious users to obtain sensitive information via vectors involving drag events and the dragging of content over a crafted web page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari 3.1.1
apple safari 3.1
apple safari 1.3.1
apple safari 1.3.2
apple safari 3.0.2
apple safari 0.9
apple safari 3.1.2
apple safari 0.8
apple safari 2.0
apple safari 2.0.2
apple safari 3.0.3
apple safari 3.0
apple safari 3.0.4
apple safari 1.0
apple safari 1.1
apple safari 2.0.4
apple safari 3.2.1
apple safari 1.0.3
apple safari 1.2
apple safari 1.3
apple safari 3.2.3
apple safari
apple safari 3.0.1
apple safari 3.2.2
apple safari 3.2

Debian Bug report logs - #535793 webkit: deluge of security vulnerabilities Package: webkit; Maintainer for webkit is (unknown); Reported by: Michael S Gilbert <michaelsgilbert@gmailcom> Date: Sun, 5 Jul 2009 05:18:04 UTC Severity: grave Tags: fixed-upstream, security Found in version 101-4 Fixed in version 1121-1 ...

CWE-200 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://secunia.com/advisories/35379 http://www.securityfocus.com/bid/35260 http://www.vupen.com/english/advisories/2009/1522 http://support.apple.com/kb/HT3613 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://www.vupen.com/english/advisories/2011/0212 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793

CVE-2009-1718

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect