CVE-2009-2842 Information

Description

Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options which allows remote attackers to read local HTML files via a crafted web site.

Reference

http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html http://osvdb.org/59942 http://secunia.com/advisories/37346 http://support.apple.com/kb/HT3949 http://www.securityfocus.com/bid/36994 http://www.securitytracker.com/id?1023164 http://www.vupen.com/english/advisories/2009/3217 https://exchange.xforce.ibmcloud.com/vulnerabilities/54238 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5915