CVE Reference: CVE-2009-2420

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2009-2420

Description:
Apple Safari 3.2.3 does not properly implement the file: protocol handler, which allows remote attackers to read arbitrary files or cause a denial of service (launch of multiple Windows Explorer instances) via vectors involving an unspecified HTML tag, possibly a related issue to CVE-2009-1703.

CVE Status:
Candidate

References:

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/504480/100/0/threaded

BID
  35482


Return to the previous page.