The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files."
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-11-17 10:18
Updated : 2012-10-30 20:04
NVD link : CVE-2008-4216
Mitre link : CVE-2008-4216
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
apple
- safari