CVE-2011-0167

2011-03-1122:00:00

apple

www.cve.org

AI Score

8.5

Confidence

High

EPSS

0.005

Percentile

76.3%

JSON

The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site.

References

lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

support.apple.com/kb/HT4566

www.securityfocus.com/bid/46816

www.securitytracker.com/id?1025183