Bug#538403: CVE-2009-1724: Cross-site scripting (XSS) vulnerability in WebKit

To: submit@bugs.debian.org
Subject: Bug#538403: CVE-2009-1724: Cross-site scripting (XSS) vulnerability in WebKit
From: Luciano Bello <luciano@debian.org>
Date: Sat, 25 Jul 2009 12:21:47 -0300
Message-id: <[🔎] 200907251221.47369.luciano@debian.org>
Reply-to: Luciano Bello <luciano@debian.org>, 538403@bugs.debian.org

Package: qt4-x11
Version: 4:4.5.2-1
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for qt4-x11.

CVE-2009-1724[0]:
| Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari
| before 4.0.2 allows remote attackers to inject arbitrary web script or
| HTML via vectors related to parent and top objects.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1724
    http://security-tracker.debian.net/tracker/CVE-2009-1724
[1] http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/

Reply to:

Prev by Date: Processed: (no subject)
Next by Date: kdebase-workspace 4:4.2.4-1 MIGRATED to testing
Previous by thread: Processed: (no subject)
Next by thread: Bug#530538: [kopete] Webcam support is non functionnal
Index(es):
- Date
- Thread