Back to search
CVE-2010-3259
Published: Sep 7, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MDVSA-2011:039
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-2722
vdb-entry
x_refsource_VUPEN
43068
third-party-advisory
x_refsource_SECUNIA
USN-1006-1
vendor-advisory
x_refsource_UBUNTU
http://support.apple.com/kb/HT4455
x_refsource_CONFIRM
41856
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0212
vdb-entry
x_refsource_VUPEN
https://technet.microsoft.com/library/security/msvr11-002
x_refsource_MISC
ADV-2010-3046
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:11221
vdb-entry
signature
x_refsource_OVAL
ADV-2011-0216
vdb-entry
x_refsource_VUPEN
43086
third-party-advisory
x_refsource_SECUNIA
44206
vdb-entry
x_refsource_BID
SUSE-SR:2011:002
vendor-advisory
x_refsource_SUSE
APPLE-SA-2010-11-18-1
vendor-advisory
x_refsource_APPLE
42314
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0177
vendor-advisory
x_refsource_REDHAT
ADV-2011-0552
vdb-entry
x_refsource_VUPEN
http://code.google.com/p/chromium/issues/detail?id=53001
x_refsource_CONFIRM
http://support.apple.com/kb/HT4456
x_refsource_CONFIRM
APPLE-SA-2010-11-22-1
vendor-advisory
x_refsource_APPLE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now