Design/Logic Flaw

2012-07-2519:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

48.1%

JSON

WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compromise.

CPENameOperatorVersion
safarieq4.0.2
safarieq3.0.498
safarieq1.3.0
safarieq1.0.3 85.8
safarieq2.0.3 417.9.3
safarieq5.1.3
safarieq4.0.1
safarieq1.3.2
safarieq2
safarieq1.1.1