Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x prior to 10.6.5 does not block Java applets in an RSS feed, which allows remote malicious users to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.6.0 |
||
apple mac os x 10.6.2 |
||
apple mac os x 10.6.1 |
||
apple mac os x 10.5.8 |
||
apple mac os x 10.6.3 |
||
apple mac os x 10.6.4 |
||
apple mac os x server 10.5.8 |
||
apple mac os x server 10.6.4 |
||
apple mac os x server 10.6.0 |
||
apple mac os x server 10.6.2 |
||
apple mac os x server 10.6.3 |
||
apple mac os x server 10.6.1 |