CVE-2009-1713 Information
Description
The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function which allows remote attackers to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors.
Reference
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://osvdb.org/54975 http://secunia.com/advisories/35379 http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3613 http://www.securityfocus.com/bid/35260 http://www.ubuntu.com/usn/USN-857-1 http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english/advisories/2011/0212 https://exchange.xforce.ibmcloud.com/vulnerabilities/51267
Share on: