CVE-2010-0651
published 2010-02-18CVE-2010-0651: WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the…
medium4.3CVSS 3.1
AVNACMAuNCPINAN
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | safari | <= 4.0.4 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | webkit | <= r53524 | — |
| chrome | <= 4.0.249.78 | — |