2 matches found
CVE-2010-3796
Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications...
CVE-2010-3796
CVE-2010-3796 affects Safari RSS in Mac OS X 10.5.8 and 10.6.x prior to 10.6.5. A Java applet in an RSS feed could modify the DOM, allowing remote attackers to obtain sensitive information via a crafted feed URL. The issue is mitigated in 10.6.5 and later (Apple Security Update HT4435; addressed ...