Back to search
CVE-2011-3218
Published: Oct 14, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
APPLE-SA-2011-10-12-3
vendor-advisory
x_refsource_APPLE
http://support.apple.com/kb/HT5016
x_refsource_CONFIRM
http://support.apple.com/kb/HT5002
x_refsource_CONFIRM
76373
vdb-entry
x_refsource_OSVDB
50085
vdb-entry
x_refsource_BID
50122
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now