Description Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preceded by spaces.
Severity: MEDIUM (4.3)
Published: June 11, 2010
Modified: Sept. 19, 2017
Error type identifier: CWE-79 References to Advisories, Solutions, and Tools Affected configurations: cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.0:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*
Running on/with:
cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*