Lucene search
K

553 matches found

NVD
NVD
added 2009/06/10 6:0 p.m.15 views

CVE-2009-1699

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a...

7.5CVSS7.1AI score0.29098EPSS
Exploits3References17
CVE
CVE
added 2009/06/10 5:37 p.m.94 views

CVE-2009-1699

The CVE-2009-1699 entry is confirmed in connected documents as a WebKit XXE vulnerability: qt4-x11 uses WebKit’s XSL stylesheet processing and does not properly handle XML external entities, enabling remote file disclosure via a crafted DTD (e.g., file:///… paths). Affected product/kit: Qt4-x11 w...

7.5CVSS6.9AI score0.29098EPSS
Exploits3References17Affected Software2
Debian CVE
Debian CVE
added 2009/06/10 5:37 p.m.45 views

CVE-2009-1699

Removed by vendor...

7.5CVSS7.5AI score0.29098EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2009/06/10 12:0 a.m.27 views

CVE-2009-1699

The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a...

7.5CVSS7.2AI score0.29098EPSS
Exploits3References3
securityvulns
securityvulns
added 2009/06/09 12:0 a.m.46 views

Apple Safari local file theft vulnerability

Hi, Safari prior to version 4 may permit an evil web page to steal files from the local system. This is accomplished by mounting an XXE attack against the parsing of the XSL XML. This is best explained with a sample evil XSL file which includes a DTD that attempts the XXE attack: !DOCTYPE doc...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2009/06/09 12:0 a.m.34 views

Apple Safari 3.2.x - XML External Entity Local File Theft

Safari prior to version 4 may permit an evil web page to steal files from the local system. This is accomplished by mounting an XXE attack against the parsing of the XSL XML. This is best explained with a sample evil XSL file which includes a DTD that attempts the XXE attack: Below you should see...

7AI score
Exploits0
0day.today
0day.today
added 2009/06/09 12:0 a.m.14 views

Apple Safari <= 3.2.x (XXE attack) Local File Theft Vulnerability

Exploit for multiple platform in category remote exploits ================================================================= Apple Safari Below you should see the content of a local file, stolen by this evil web page. alertdocument.body.innerHTML; To mount the attack, the attacker would serve a we...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/06/09 12:0 a.m.14 views

Apple Safari 3.2.x - XML External Entity Local File Theft

Apple Safari 3.2.x - XML External Entity Local File Theft Safari prior to version 4 may permit an evil web page to steal files from the local system. This is accomplished by mounting an XXE attack against the parsing of the XSL XML. This is best explained with a sample evil XSL file which include...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2009/06/09 12:0 a.m.22 views

Apple Safari XXE Local File Theft

Hi, Safari prior to version 4 may permit an evil web page to steal files from the local system. This is accomplished by mounting an XXE attack against the parsing of the XSL XML. This is best explained with a sample evil XSL file which includes a DTD that attempts the XXE attack: Below you should...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/05/08 12:0 a.m.30 views

WebKit - XML External Entity Information Disclosure

source: https://www.securityfocus.com/bid/35321/info WebKit is prone to a remote information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. NOTE: This issue was previously covered in BID 35260 Apple Safari Prior to 4.0...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/05/08 12:0 a.m.19 views

WebKit - XML External Entity Information Disclosure

WebKit - XML External Entity Information Disclosure source: https://www.securityfocus.com/bid/35321/info WebKit is prone to a remote information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. NOTE: This issue was...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2005/06/17 12:0 a.m.26 views

Adobe Reader 7: XML External Entity &#40;XXE&#41; Attack

XML External Entity XXE Attack Possible in Adobe Reader 7 ----------------------------------------------------------- SHH 7, 2005-06-16 Description ----------- Recent versions of Adobe Reader previously known as Acrobat Reader are vulnerable to XML External Entity XXE Attacks. By including a...

0.6AI score
Exploits0
Debian CVE
Debian CVE
added 1976/01/01 12:0 a.m.26 views

CVE-2021-46849

Removed by vendor...

6.8AI score
Exploits0
Rows per page
Query Builder