WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure Vulnerability

2011-03-09T00:00:00
ID EDB-ID:35434
Type exploitdb
Reporter Aaron Sigel
Modified 2011-03-09T00:00:00

Description

WebKit 1.2.x Local Webpage Cross Domain Information Disclosure Vulnerability. CVE-2011-0167. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/46816/info

WebKit is prone to a cross-domain scripting vulnerability because it fails to properly enforce the same-origin policy.

Successfully exploiting this issue will allow attackers to send the content of arbitrary files from the user's system to a remote server controlled by them. This results in disclosure of potentially sensitive information which may aid in further attacks. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/35434.zip