Описание
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| webkit | fixed | 1.1.12-1 | package | |
| kdelibs | not-affected | package | ||
| kde4libs | not-affected | package | ||
| qt4-x11 | fixed | 4:4.6.2-4 | package | |
| qt4-x11 | no-dsa | lenny | package |
Примечания
QT4 might be fixed earlier, but only 4.6.2 was checked against
http://trac.webkit.org/changeset/35928
EPSS
Связанные уязвимости
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."
EPSS