The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files."
Software | From | Fixed in |
---|---|---|
apple / safari | - | - |
apple / safari | - | 3.1.2.x |
apple / safari | 0.8 | 0.8.x |
apple / safari | 0.9 | 0.9.x |
apple / safari | 1.0 | 1.0.x |
apple / safari | 1.0-beta | 1.0-beta.x |
apple / safari | 1.0-beta2 | 1.0-beta2.x |
apple / safari | 1.0.3 | 1.0.3.x |
apple / safari | 1.1 | 1.1.x |
apple / safari | 1.1.1 | 1.1.1.x |
apple / safari | 1.2 | 1.2.x |
apple / safari | 1.2.1 | 1.2.1.x |
apple / safari | 1.2.2 | 1.2.2.x |
apple / safari | 1.2.3 | 1.2.3.x |
apple / safari | 1.2.4 | 1.2.4.x |
apple / safari | 1.2.5 | 1.2.5.x |
apple / safari | 1.3 | 1.3.x |
apple / safari | 1.3.1 | 1.3.1.x |
apple / safari | 1.3.2 | 1.3.2.x |
apple / safari | 2 | 2.x |
apple / safari | 2.0 | 2.0.x |
apple / safari | 2.0_pre | 2.0_pre.x |
apple / safari | 2.0.1 | 2.0.1.x |
apple / safari | 2.0.2 | 2.0.2.x |
apple / safari | 2.0.3 | 2.0.3.x |
apple / safari | 2.0.3_417.9.3 | 2.0.3_417.9.3.x |
apple / safari | 2.0.4 | 2.0.4.x |
apple / safari | 2.0.4_419.3 | 2.0.4_419.3.x |
apple / safari | 3 | 3.x |
apple / safari | 3.0 | 3.0.x |
apple / safari | 3.0.1 | 3.0.1.x |
apple / safari | 3.0.2 | 3.0.2.x |
apple / safari | 3.0.3 | 3.0.3.x |
apple / safari | 3.0.4 | 3.0.4.x |
apple / safari | 3.0.4_beta | 3.0.4_beta.x |
apple / safari | 3.1 | 3.1.x |
apple / safari | 3.1.1 | 3.1.1.x |