Lucene search
HistoryMay 02, 2005 - 4:00 a.m.
CVE-2005-0976
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
74.4%
AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
Affected configurations
Node
applesafariMatch1.2
ORhmdtshiiraMatch0.93
ORomnigroupomniwebMatch5.1
Related
securityvulns
securityvulns
[DR001] AppleWebKit XMLHttpRequest arbitrary file disclosure vulnerability
2005-04-16 00:00:00
cvelist
cvelist
CVE-2005-0976
2005-04-18 04:00:00
cert
cert
cve
cve
CVE-2005-0976
2005-05-02 04:00:00
nessus
nessus
Mac OS X 10.3.x < 10.3.9 Multiple Vulnerabilities
2005-04-16 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
74.4%
Related for NVD:CVE-2005-0976