4 matches found
Apple Safari WebKit fails to properly handle a crafted URL
Overview A vulnerability in the way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute script in the context of another site.. Description According to Apple Safari 3.1.1: An issue exists in WebKit's handling of URLs containing a colon character in the host name. Openi...
CVE-2008-1025
Cross-site scripting XSS vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion...
CVE-2008-1025
The CVE-2008-1025 entry concerns Apple Safari/WebKit prior to version 3.1.1, where WebKit mishandles URLs with a colon in the hostname, enabling cross-site scripting (XSS). The vulnerability is rooted in WebKit’s URL handling and affects Safari before 3.1.1. Reported impact is that an attacker ca...
CVE-2008-1025
Removed by vendor...