AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.apple.com/archives/security-announce/2005/Apr/msg00000.html - | |
References | () http://remahl.se/david/vuln/001/ - Exploit |
Information
Published : 2005-05-02 04:00
Updated : 2024-11-20 23:56
NVD link : CVE-2005-0976
Mitre link : CVE-2005-0976
CVE.ORG link : CVE-2005-0976
JSON object : View
Products Affected
hmdt
- shiira
omnigroup
- omniweb
apple
- safari
CWE