Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2009-2841
HistoryNov 13, 2009 - 3:30 p.m.

Design/Logic Flaw

2009-11-1315:30:00
PRIOn knowledge base
www.prio-n.com
9

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.8%

JSON

The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attackers to trigger sub-resource requests to arbitrary web sites via a crafted HTML document, as demonstrated by an HTML e-mail message that uses a media element for X-Confirm-Reading-To functionality, aka rdar problem 7271202.

References

Related

seebug 2
ubuntucve 1
cve 1
debiancve 1
cvelist 1
nessus 10
threatpost 2
openvas 7
fedora 2
seebug
seebug
WebKit资源装载回调信息泄漏漏洞
2009-11-16 00:00:00
Safari 4.0.4版本修复多个安全漏洞
2009-11-13 00:00:00
ubuntucve
ubuntucve
CVE-2009-2841
2009-11-13 00:00:00
cve
cve
CVE-2009-2841
2009-11-13 15:30:00
debiancve
debiancve
CVE-2009-2841
2009-11-13 15:30:00
cvelist
cvelist
CVE-2009-2841
2009-11-13 15:00:00
nessus
nessus
Fedora 12 : qt-4.6.3-8.fc12 (2010-11020)
2010-07-14 00:00:00
Fedora 13 : qt-4.6.3-8.fc13 (2010-11011)
2010-07-14 00:00:00
Apple iOS < 3.1.3 Multiple Vulnerabilities
2010-02-12 00:00:00
threatpost
threatpost
Apple Plugs Critical iPhone Security Holes
2010-02-02 19:05:36
Apple Patches Critical Safari Vulnerabilities
2009-11-11 21:45:09
openvas
openvas
Fedora Update for qt FEDORA-2010-11011
2010-07-16 00:00:00
Fedora Update for qt FEDORA-2010-11011
2010-07-16 00:00:00
Fedora Update for qt FEDORA-2010-11020
2010-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: qt-4.6.3-8.fc13
2010-07-13 07:40:16
[SECURITY] Fedora 12 Update: qt-4.6.3-8.fc12
2010-07-13 07:43:47

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

77.8%

JSON
Related for PRION:CVE-2009-2841
seebug2ubuntucve1cve1debiancve1cvelist1nessus10threatpost2openvas7fedora2