Oval Definition:oval:org.opensuse.security:def:20103813
Revision Date:2015-11-16Version:1
Title:CVE-2010-3813
Description:
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-3813
Platform(s):openSUSE 11.2
openSUSE 11.3
Product(s):
Definition Synopsis
  • Release Information
  • suse112 is installed
  • AND
  • libwebkit-1_0-2 less than 1.2.6-0.5.1
  • OR libwebkit-devel less than 1.2.6-0.5.1
  • OR libwebkit-lang less than 1.2.6-0.5.1
  • OR webkit-jsc less than 1.2.6-0.5.1
  • OR Package Information
  • suse113 is installed
  • AND
  • libwebkit-1_0-2-32bit less than 1.2.6-0.2.1
  • OR libwebkit-1_0-2 less than 1.2.6-0.2.1
  • OR libwebkit-devel less than 1.2.6-0.2.1
  • OR libwebkit-lang less than 1.2.6-0.2.1
  • OR webkit-jsc less than 1.2.6-0.2.1
    • BACK