CVE-2005-0976

4 documents4 sources

Severity

5.0MEDIUM

EPSS

0.4%

top 41.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Safari Hmdt Shiira Omnigroup Omniweb

Timeline

PublishedMay 2

Latest updateMay 1

Description

AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDomnigroup/omniweb5.1

▶NVDapple/safari1.2

▶NVDhmdt/shiira0.93

🔴Vulnerability Details

GHSA

GHSA-vqvq-xc42-62xh: AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1↗2022-05-01

▶

CVEList

CVE-2005-0976: AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1↗2005-04-18

▶