AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-04-18T04:00:00

Updated: 2024-08-07T21:35:58.906Z

Reserved: 2005-04-05T00:00:00

Link: CVE-2005-0976

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-05-02T04:00:00.000

Modified: 2024-11-20T23:56:18.870

Link: CVE-2005-0976

cve-icon Redhat

No data.