CVE-2010-1420

Description

Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.

Affected products

• Apple / cfnetwork
• Apple / Safari5.0.5
• Apple / Safari1.0 – 1.0
• Apple / Safari1.0 – 1.0
• Apple / Safari1.0 – 1.0
• Apple / Safari1.0.0 – 1.0.0
• Apple / Safari1.0.0b1 – 1.0.0b1
• Apple / Safari1.0.0b2 – 1.0.0b2
• Apple / Safari1.0.1 – 1.0.1
• Apple / Safari1.0.2 – 1.0.2
• Apple / Safari1.0.3 – 1.0.3
• Apple / Safari1.0.3 – 1.0.3
• Apple / Safari1.0.3 – 1.0.3
• Apple / Safari1.1 – 1.1
• Apple / Safari1.1.0 – 1.1.0
• Apple / Safari1.1.1 – 1.1.1
• Apple / Safari1.2 – 1.2
• Apple / Safari1.2.0 – 1.2.0
• Apple / Safari1.2.1 – 1.2.1
• Apple / Safari1.2.2 – 1.2.2
• Apple / Safari1.2.3 – 1.2.3
• Apple / Safari1.2.4 – 1.2.4
• Apple / Safari1.2.5 – 1.2.5
• Apple / Safari1.3 – 1.3
• Apple / Safari1.3.0 – 1.3.0
• Apple / Safari1.3.1 – 1.3.1
• Apple / Safari1.3.2 – 1.3.2
• Apple / Safari1.3.2 – 1.3.2
• Apple / Safari1.3.2 – 1.3.2
• Apple / Safari2 – 2
• Apple / Safari2.0 – 2.0
• Apple / Safari2.0.0 – 2.0.0
• Apple / Safari2.0.1 – 2.0.1
• Apple / Safari2.0.2 – 2.0.2
• Apple / Safari2.0.3 – 2.0.3
• Apple / Safari2.0.3 – 2.0.3
• Apple / Safari2.0.3 – 2.0.3
• Apple / Safari2.0.3 – 2.0.3
• Apple / Safari2.0.3 – 2.0.3
• Apple / Safari2.0.4 – 2.0.4
• Apple / Safari3 – 3
• Apple / Safari3.0 – 3.0
• Apple / Safari3.0.0 – 3.0.0
• Apple / Safari3.0.0b – 3.0.0b
• Apple / Safari3.0.1 – 3.0.1
• Apple / Safari3.0.1b – 3.0.1b
• Apple / Safari3.0.2 – 3.0.2
• Apple / Safari3.0.2b – 3.0.2b
• Apple / Safari3.0.3 – 3.0.3
• Apple / Safari3.0.3b – 3.0.3b
• Apple / Safari3.0.4 – 3.0.4
• Apple / Safari3.0.4b – 3.0.4b
• Apple / Safari3.1.0 – 3.1.0
• Apple / Safari3.1.0b – 3.1.0b
• Apple / Safari3.1.1 – 3.1.1
• Apple / Safari3.1.2 – 3.1.2
• Apple / Safari3.2.0 – 3.2.0
• Apple / Safari3.2.1 – 3.2.1
• Apple / Safari3.2.2 – 3.2.2
• Apple / Safari4.1 – 4.1
• Apple / Safari4.1.1 – 4.1.1
• Apple / Safari4.1.2 – 4.1.2
• Apple / Safari5.0 – 5.0
• Apple / Safari5.0.1 – 5.0.1
• Apple / Safari5.0.2 – 5.0.2
• Apple / Safari5.0.3 – 5.0.3
• Apple / Safari5.0.4 – 5.0.4

References

• VENDOR_ADVISORYhttp://support.apple.com/kb/HT4808
• MAILING_LISThttp://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html