CVE-2009-1710 in Ubuntu

CVE-2009-1710

Priority

Description

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the
browser's display of (1) the host name, (2) security indicators, and
unspecified other UI elements via a custom cursor in conjunction with a
modified CSS3 hotspot property.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1710

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535793

Assigned-to

micahg

Notes

jdstrand	webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit
mdeslaur	code does not appear present in kde4libs

Package

Source: qt4-x11 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 22.04 LTS (Jammy Jellyfish):	not-affected (4.5.2-0ubuntu5)

Patches:

Package

Source: webkit (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 22.04 LTS (Jammy Jellyfish):	not-affected (1.1.12-1ubuntu1)

Patches:

Upstream:

http://trac.webkit.org/changeset/35157

More Information

Updated: 2022-02-10 23:37:22 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)