7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
0.006 Low
EPSS
Percentile
79.4%
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs
within (1) audio and (2) video elements, which allows remote attackers to
determine the existence of arbitrary files via a crafted HTML document.
Author | Note |
---|---|
jdstrand | webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit |
mdeslaur | code does not appear present in kde4libs code is different in webkit hardy-jaunty, need to test code is different in qt4-x11 intrepid-jaunty, need to test |