|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
Keywords |
Security Update 2006-002
|
|
Description |
Mac OS X CoreTypes contains a flaw that may allow a malicious webpage access to the properties of another domain. The issue is triggered due to the application's failure to properly enforce same-origin policy for JavaScript remote data access. It is possible that the flaw may allow disclosure of sensitive information or may facilitate other attacks against a user of the browser, resulting in a loss of confidentiality.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Other
Impact:
Loss of Confidentiality
Exploit:
Exploit Unavailable
Disclosure:
OSVDB Verified
|
|
Solution |
Currently, there are no known workarounds or upgrades to correct this issue. However, vendor has released a patch to address this vulnerability.
|
|
Products |
|
Mac OS X
 |
10.4 |
10.4.1 |
10.4.2 |
10.4.3 |
10.4.4 |
10.4.5 |
Mac OS X Server
|
10.4.2 |
10.4 |
10.4.1 |
10.4.3 |
10.4.4 |
10.4.5 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
