CVE Reference: CVE-2010-0541

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-0541

Description:
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA40220

REDHAT
  http://www.redhat.com/support/errata/RHSA-2011-0908.html
  http://www.redhat.com/support/errata/RHSA-2011-0909.html

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:098
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:097

CONFIRM
  http://support.apple.com/kb/HT4188

BID
  40871
  40895

APPLE
  http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html


Return to the previous page.