CVE-2011-3243
Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS
before 5 and Safari before 5.1.1, allows remote attackers to inject
arbitrary web script or HTML via vectors involving inactive DOM windows.
before 5 and Safari before 5.1.1, allows remote attackers to inject
arbitrary web script or HTML via vectors involving inactive DOM windows.
Notes
jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details)
jdstrand> marking chromium-browser as fixed since it has 22+ on all releases
and they sync with upstream webkit every few weeks
jdstrand> marking chromium-browser as fixed since it has 22+ on all releases
and they sync with upstream webkit every few weeks
Package
| Upstream: | needs-triage |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |
Package
| Upstream: | needs-triage |
| Ubuntu 10.04 LTS (Lucid Lynx): | DNE |
| Ubuntu 12.04 LTS (Precise Pangolin): | needs-triage |
| Ubuntu 12.10 (Quantal Quetzal): | needs-triage |
| Ubuntu 13.04 (Raring Ringtail): | needs-triage |
| Ubuntu 13.10 (Saucy Salamander): | needs-triage |
Package
| Upstream: | needs-triage |
| Ubuntu 10.04 LTS (Lucid Lynx): | ignored (see notes) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (webkit isn't built) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (webkit isn't built) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (webkit isn't built) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (webkit isn't built) |
Package
| Upstream: | released |
| Ubuntu 10.04 LTS (Lucid Lynx): | released |
| Ubuntu 12.04 LTS (Precise Pangolin): | released |
| Ubuntu 12.10 (Quantal Quetzal): | released |
| Ubuntu 13.04 (Raring Ringtail): | released |
| Ubuntu 13.10 (Saucy Salamander): | released |