Oval Definition:oval:org.opensuse.security:def:20091697
Revision Date:2015-11-16Version:1
Title:CVE-2009-1697
Description:
CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting (XSS) attacks that depend on communication with arbitrary web sites on the same server through use of XMLHttpRequest without a Host header.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-1697
Platform(s):openSUSE 11.2
openSUSE 11.3
Product(s):
Definition Synopsis
  • Release Information
  • suse112 is installed
  • AND
  • libwebkit-1_0-2 less than 1.2.6-0.5.1
  • OR libwebkit-devel less than 1.2.6-0.5.1
  • OR libwebkit-lang less than 1.2.6-0.5.1
  • OR webkit-jsc less than 1.2.6-0.5.1
  • OR Package Information
  • suse113 is installed
  • AND
  • libwebkit-1_0-2-32bit less than 1.2.6-0.2.1
  • OR libwebkit-1_0-2 less than 1.2.6-0.2.1
  • OR libwebkit-devel less than 1.2.6-0.2.1
  • OR libwebkit-lang less than 1.2.6-0.2.1
  • OR webkit-jsc less than 1.2.6-0.2.1
    • BACK