CVE-2009-2200

Metadata

CVE-2009-2200
7.1
lists.apple.com, lists.opensuse.org, support.apple.com, securityfocus.com, securitytracker.com, vupen.com
2009-08-12
2017-06-06 20:20

Description

WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.

Related Vulnerabilities

platform vulnerability
CVE-2009-2200 qt4-x11
CVE-2009-2200 webkit