FKIE_CVE-2009-2200

Vulnerability from fkie_nvd - Published: 2009-08-12 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/Aug/msg00002.htmlPatch, Vendor Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
cve@mitre.orghttp://secunia.com/advisories/43068
cve@mitre.orghttp://support.apple.com/kb/HT3733Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/36024
cve@mitre.orghttp://www.securitytracker.com/id?1022720
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3733Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36024
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022720
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0212
Impacted products
Vendor Product Version
apple mac_os_x 10.4.
apple mac_os_x 10.5.7
apple mac_os_x 10.5.8
apple mac_os_x_server 10.4.11
apple mac_os_x_server 10.5.7
apple mac_os_x_server 10.5.8
microsoft windows_vista *
microsoft windows_xp *
apple safari *
apple safari 0.8
apple safari 0.9
apple safari 1.0
apple safari 1.0
apple safari 1.0
apple safari 1.0.0
apple safari 1.0.0b1
apple safari 1.0.0b2
apple safari 1.0.1
apple safari 1.0.2
apple safari 1.0.3
apple safari 1.0.3
apple safari 1.0.3
apple safari 1.1
apple safari 1.1.0
apple safari 1.1.1
apple safari 1.2
apple safari 1.2.0
apple safari 1.2.1
apple safari 1.2.2
apple safari 1.2.3
apple safari 1.2.4
apple safari 1.2.5
apple safari 1.3
apple safari 1.3.0
apple safari 1.3.1
apple safari 1.3.2
apple safari 1.3.2
apple safari 1.3.2
apple safari 2.0
apple safari 2.0.0
apple safari 2.0.1
apple safari 2.0.2
apple safari 2.0.3
apple safari 2.0.3
apple safari 2.0.3
apple safari 2.0.3
apple safari 2.0.3
apple safari 2.0.3_417.9.3
apple safari 2.0.4
apple safari 2.0.4_419.3
apple safari 2.0_pre
apple safari 3
apple safari 3.0
apple safari 3.0.0
apple safari 3.0.0b
apple safari 3.0.1
apple safari 3.0.1
apple safari 3.0.1b
apple safari 3.0.2
apple safari 3.0.2b
apple safari 3.0.3
apple safari 3.0.3
apple safari 3.0.3b
apple safari 3.0.4
apple safari 3.0.4_beta
apple safari 3.0.4b
apple safari 3.1
apple safari 3.1.0
apple safari 3.1.0b
apple safari 3.1.1
apple safari 3.1.2
apple safari 3.2
apple safari 3.2.0
apple safari 3.2.1
apple safari 3.2.2
apple safari 4.0
apple safari 4.0
apple safari 4.0.1
apple safari 4.0_beta
apple safari 4beta
apple safari beta2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC1878A-7B92-4DA4-B239-243DCE90E152",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADF94705-562C-4EC8-993E-1AD88F01549C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27DF35F-2121-4219-B7F0-81D26863D5E9",
              "versionEndIncluding": "4.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F4ADD0-449B-4DDD-9878-DE86CBD56756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0AECB7-FE62-4664-B3B8-8161DA6DA4BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A419AE8-F5A2-4E25-9004-AAAB325E201A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "30663B7F-3EDA-4B6B-9F39-65E2CEEB4543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A09DA0-83E9-491D-A0A5-AF97B5463D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D91C7EF0-A56B-40E6-9CED-1228405D034E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE6078B0-4756-4E04-BAC4-C4EC90548A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6B5A3F2-70EE-4ECD-AD6A-0A72D9EBC755",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C87EDB53-FB6E-4B10-B890-A7195D841C5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8:*:*:*:*:*:*",
              "matchCriteriaId": "957FCFC4-565A-4F2F-8D3D-D0982E1723F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:*",
              "matchCriteriaId": "22A450DC-CDF5-4EA0-A703-AFB3DEFE1395",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "857C92E2-6870-409A-9457-75F8C5C7B959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FD75A4F-F529-4F5E-957D-380215F7B21B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "834EC299-2010-4306-8CEE-35D735583101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "443FF271-A3AB-4659-80B2-89F771BF5371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D29B98E-2F62-4F6F-976D-FEC4EB07F106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3112AFEB-7893-467C-8B45-A44D5697BB79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC83309-3A97-4619-B5C1-574610838BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "891514D5-50C8-4EDC-81C5-24ABF8BCC022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "25032A3A-9D05-4E69-9A22-C9B332976769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF75A31C-FE42-4CB4-A0E6-0CAB7B122483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD80AB-2A6C-47FF-A1E9-DEB273C6B4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EAC0DC3-7B55-49BC-89BC-C588E6FC6828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9315ADD-5B97-4639-9B59-806EFD7BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7DD81AB-27D6-4CB0-BBF0-5710DAD55A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:*",
              "matchCriteriaId": "21BAC0B8-063C-4772-8F1B-EB9A2F7A585C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:*",
              "matchCriteriaId": "6BAB4071-A883-4E04-BDDF-A121C4738E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3889ED-9329-4C84-A173-2553BEAE3EDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B74019F-C365-4E13-BBB4-D84AD9C1F87C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0E57D5-A7C9-4985-8CE4-E0D4B8BBF371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "06494FA8-F12A-435A-97A4-F38C58DF43F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB047B-D45E-4695-AAEB-D0830DB1663E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*",
              "matchCriteriaId": "018A7A39-2AFD-47A9-AE88-7ABDBFE5EDA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*",
              "matchCriteriaId": "1082B33F-33B5-453A-A5AA-10F65AB2E625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*",
              "matchCriteriaId": "6CF4DB54-AA7E-44C3-83E3-1A8971719D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*",
              "matchCriteriaId": "EC348464-F08D-4ABF-BB90-3FA93C786F34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.3_417.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "61652033-FD15-47D6-8B18-CF28E6CE346C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDCF83E-620C-40FA-9901-5D939E315143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D113B5-070D-4F91-AB5E-222D71C90EDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:2.0_pre:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E86DEDD-ABDC-46BD-BAD3-A409635F7801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3BAE980-449F-4F8C-A5BC-6CB7226E971A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A33F900-D405-40A8-A0A5-3C80320FF6E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4444A309-5A97-4E1C-B4EA-C4A070A98CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B29951B-9A98-45B7-8E4B-5515C048EC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CEB23DE-1A9D-480E-8B8B-9F110A8ABDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4CED950D-38AB-4D66-B97A-FB982D86057F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0FDEB4F-133A-43DF-A89B-53E249F1293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84E78F43-07BD-4D62-9512-DA738A92BC7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE25E9E-826E-4782-AED8-AC6297B18D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3180366-2240-467E-8AB9-BEA0430948F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3:522.15.5:*:*:*:*:*:*",
              "matchCriteriaId": "63FEA310-C6F2-4F2A-ABA8-6468308E3569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E834B8-545E-4472-9D60-B4CF1340D62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB9CC52-E533-4306-9E92-73C84B264D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C814DE-1884-4F3E-944D-068F7FD55B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "14A5CA99-8B1C-4C35-85E3-DB0495444A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "912A26D1-3264-464F-B101-1796B35437E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D8C2EF-D552-4279-A12E-70E292F39E31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00082E3-EBF5-4C23-9F57-BF73E587FC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C453B588-15FD-4A9C-8BC1-6202A21DAE02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "460A6F14-7CCE-47CA-BE0C-6DF32CD6A8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD634B1-4986-4E80-8BDC-58941893F6BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BB6761-3581-4AE6-85E0-1609D15D7618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA1A4C8-9F87-449F-A11F-52E5D52247E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8498D2-DECC-4B88-BC1B-F8E2D076EE38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "9DC87F61-3463-468A-BF0B-070816BBC3CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FD40E4-D4C9-492E-8432-ABC9BD2C7E67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4.0_beta:528.16:*:*:*:*:*:*",
              "matchCriteriaId": "48644B6B-501A-4DAB-BD69-F6ADA4D36549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:4beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA27C19-7F59-4406-9055-1FDFC426F2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C977D9-26B7-4731-B8E1-CA44EB387B9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document."
    },
    {
      "lang": "es",
      "value": "WebKit en Apple Safari anteriores a v4.0.3 no restringe apropiadamente el esquema URL del atributo pluginspage de un elemento EMBED, lo que permite a los atacantes remotos asistidos por usuarios lanzar un archivo arbitrario: URLs y obtener informaci\u00f3n sensible a trav\u00e9s de un documento HTML manipulado."
    }
  ],
  "id": "CVE-2009-2200",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-08-12T19:30:00.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3733"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36024"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022720"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.apple.com/kb/HT3733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022720"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.